Sign-up

ID

VAR-202008-0625


CVE

CVE-2020-14936


TITLE

Contiki-NG Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-010000

DESCRIPTION

Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. Functions parsing the OIDs in SNMP requests lack sufficient allocated target-buffer capacity verification when writing parsed OID values. The function snmp_oid_decode_oid() may overwrite memory areas beyond the provided target buffer, when called from snmp_message_decode() upon an SNMP request reception. Because the content of the write operations is externally provided in the SNMP requests, it enables a remote overwrite of an IoT device's memory regions beyond the allocated buffer. This overflow may allow remote overwrite of stack and statically allocated variables memory regions by sending a crafted SNMP request. Contiki-NG Is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Contiki-NG is an open source cross-platform operating system for next-generation IoT (Internet of Things) devices. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow

Trust: 2.7

sources: NVD: CVE-2020-14936 // JVNDB: JVNDB-2020-010000 // CNVD: CNVD-2020-49538 // CNNVD: CNNVD-202008-933

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-49538

AFFECTED PRODUCTS

vendor:contiki ngmodel:contiki-ngscope:gteversion:4.4

Trust: 1.0

vendor:contiki ngmodel:contiki-ngscope:lteversion:4.5

Trust: 1.0

vendor:contiki ngmodel:contiki-ngscope:eqversion:4.4 から 4.5

Trust: 0.8

vendor:contiki ngmodel:contiki-ngscope:gteversion:4.4,<=4.5

Trust: 0.6

sources: CNVD: CNVD-2020-49538 // JVNDB: JVNDB-2020-010000 // NVD: CVE-2020-14936

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-14936
value: CRITICAL

Trust: 1.0

NVD: JVNDB-2020-010000
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2020-49538
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202008-933
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2020-14936
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-010000
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-49538
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-14936
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-010000
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-49538 // JVNDB: JVNDB-2020-010000 // CNNVD: CNNVD-202008-933 // NVD: CVE-2020-14936

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.8

sources: JVNDB: JVNDB-2020-010000 // NVD: CVE-2020-14936

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202008-933

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202008-933

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-010000

PATCH
title:Out of bounds memory read/write in SNMP agent #1351url:https://github.com/contiki-ng/contiki-ng/issues/1351
Trust: 0.8
title:Patch for Contiki-NG buffer overflow vulnerability (CNVD-2020-49538)url:https://www.cnvd.org.cn/patchInfo/show/231832
Trust: 0.6
title:Contiki-NG Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126575
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-49538 // 
            
            
            
            JVNDB: JVNDB-2020-010000 // 
            
            
            
            CNNVD: CNNVD-202008-933

EXTERNAL IDS
db:NVDid:CVE-2020-14936
Trust: 3.0
db:JVNDBid:JVNDB-2020-010000
Trust: 0.8
db:CNVDid:CNVD-2020-49538
Trust: 0.6
db:CNNVDid:CNNVD-202008-933
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-49538 // 
            
            
            
            JVNDB: JVNDB-2020-010000 // 
            
            
            
            CNNVD: CNNVD-202008-933 // 
            
            
            
            NVD: CVE-2020-14936

REFERENCES
url:https://nvd.nist.gov/vuln/detail/cve-2020-14936
Trust: 2.0
url:https://drive.google.com/file/d/1fypwh_g475jsl0mdfzquaatcerihq2kj/view?usp=sharing
Trust: 1.6
url:https://github.com/contiki-ng/contiki-ng/issues/1351
Trust: 1.6
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-14936
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2020-49538 // 
            
            
            
            JVNDB: JVNDB-2020-010000 // 
            
            
            
            CNNVD: CNNVD-202008-933 // 
            
            
            
            NVD: CVE-2020-14936

SOURCES
db:CNVDid:CNVD-2020-49538
db:JVNDBid:JVNDB-2020-010000
db:CNNVDid:CNNVD-202008-933
db:NVDid:CVE-2020-14936

LAST UPDATE DATE
2024-11-23T23:11:18.576000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-49538date:2020-08-31T00:00:00
db:JVNDBid:JVNDB-2020-010000date:2020-12-16T07:14:18
db:CNNVDid:CNNVD-202008-933date:2020-09-03T00:00:00
db:NVDid:CVE-2020-14936date:2024-11-21T05:04:28.557

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-49538date:2020-08-26T00:00:00
db:JVNDBid:JVNDB-2020-010000date:2020-12-16T07:14:18
db:CNNVDid:CNNVD-202008-933date:2020-08-18T00:00:00
db:NVDid:CVE-2020-14936date:2020-08-18T17:15:11.440