Details of VAR-202012-0125

ID

VAR-202012-0125

CVE

CVE-2020-13987

TITLE

Embedded TCP/IP stacks have memory corruption vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#815128

DESCRIPTION

An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upper_layer_chksum in net/ipv4/uip.c. Multiple open-source embedded TCP/IP stacks, commonly used in Internet of Things (IoT) and embedded devices, have several vulnerabilities stemming from improper memory management. These vulnerabilities are also tracked as ICS-VU-633937 and JVNVU#96491057 as well as the name AMNESIA:33.CVE-2020-13984 Not Affected CVE-2020-13985 Affected CVE-2020-13986 Affected CVE-2020-13987 Affected CVE-2020-13988 Affected CVE-2020-17437 Affected CVE-2020-17438 Affected CVE-2020-17439 Affected CVE-2020-17440 Affected CVE-2020-17441 Not Affected CVE-2020-17442 Not Affected CVE-2020-17443 Not Affected CVE-2020-17444 Not Affected CVE-2020-17445 Not Affected CVE-2020-17467 Not Affected CVE-2020-17468 Not Affected CVE-2020-17469 Not Affected CVE-2020-17470 Not Affected CVE-2020-24334 Affected CVE-2020-24335 Not Affected CVE-2020-24336 Affected CVE-2020-24337 Not Affected CVE-2020-24338 Not Affected CVE-2020-24339 Not Affected CVE-2020-24340 Not Affected CVE-2020-24341 Not Affected CVE-2020-24383 Not Affected CVE-2020-25107 Not Affected CVE-2020-25108 Not Affected CVE-2020-25109 Not Affected CVE-2020-25110 Not Affected CVE-2020-25111 Not Affected CVE-2020-25112 Not Affected CVE-2021-28362 Not AffectedCVE-2020-13984 Not Affected CVE-2020-13985 Affected CVE-2020-13986 Affected CVE-2020-13987 Affected CVE-2020-13988 Affected CVE-2020-17437 Affected CVE-2020-17438 Affected CVE-2020-17439 Affected CVE-2020-17440 Affected CVE-2020-17441 Not Affected CVE-2020-17442 Not Affected CVE-2020-17443 Not Affected CVE-2020-17444 Not Affected CVE-2020-17445 Not Affected CVE-2020-17467 Not Affected CVE-2020-17468 Not Affected CVE-2020-17469 Not Affected CVE-2020-17470 Not Affected CVE-2020-24334 Affected CVE-2020-24335 Not Affected CVE-2020-24336 Affected CVE-2020-24337 Not Affected CVE-2020-24338 Not Affected CVE-2020-24339 Not Affected CVE-2020-24340 Not Affected CVE-2020-24341 Not Affected CVE-2020-24383 Not Affected CVE-2020-25107 Not Affected CVE-2020-25108 Not Affected CVE-2020-25109 Not Affected CVE-2020-25110 Not Affected CVE-2020-25111 Not Affected CVE-2020-25112 Not Affected CVE-2021-28362 Not Affected. Contiki is an open source cross-platform operating system for IoT (Internet of Things) devices. Contiki-OS has a buffer error vulnerability that stems from not checking the length field of the packet header based on the available data in the packet. Given any length, an out-of-bounds memory read can be performed during the checksum calculation. ========================================================================= Ubuntu Security Notice USN-6259-1 July 27, 2023 open-iscsi vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS (Available with Ubuntu Pro) - Ubuntu 16.04 LTS (Available with Ubuntu Pro) Summary: Several security issues were fixed in Open-iSCSI. Software Description: - open-iscsi: Open Source iSCSI implementation Details: Jos Wetzels, Stanislav Dashevskyi, and Amine Amri discovered that Open-iSCSI incorrectly handled certain checksums for IP packets. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-13987) Jos Wetzels, Stanislav Dashevskyi, Amine Amri discovered that Open-iSCSI incorrectly handled certain parsing TCP MSS options. An attacker could possibly use this issue to cause a crash or cause unexpected behavior. (CVE-2020-13988) Amine Amri and Stanislav Dashevskyi discovered that Open-iSCSI incorrectly handled certain TCP data. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-17437) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: open-iscsi 2.0.874-7.1ubuntu6.4 Ubuntu 18.04 LTS (Available with Ubuntu Pro): open-iscsi 2.0.874-5ubuntu2.11+esm1 Ubuntu 16.04 LTS (Available with Ubuntu Pro): open-iscsi 2.0.873+git0.3b4b4500-14ubuntu3.7+esm1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6259-1 CVE-2020-13987, CVE-2020-13988, CVE-2020-17437 Package Information: https://launchpad.net/ubuntu/+source/open-iscsi/2.0.874-7.1ubuntu6.4

Trust: 2.34

sources: NVD: CVE-2020-13987 // CERT/CC: VU#815128 // CNNVD: CNNVD-202012-665 // VULMON: CVE-2020-13987 // PACKETSTORM: 173799

AFFECTED PRODUCTS

vendor:	siemens	model:	sentron pac3200	scope:	lt	version:	2.4.7	Trust: 1.0
vendor:	open iscsi	model:	open-iscsi	scope:	lte	version:	2.1.12	Trust: 1.0
vendor:	siemens	model:	sentron 3va com100	scope:	lt	version:	4.4.1	Trust: 1.0
vendor:	uip	model:	uip	scope:	lte	version:	1.0	Trust: 1.0
vendor:	siemens	model:	sentron 3va com800	scope:	lt	version:	4.4.1	Trust: 1.0
vendor:	siemens	model:	sentron pac4200	scope:	lt	version:	2.3.0	Trust: 1.0

sources: NVD: CVE-2020-13987

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-13987
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-202012-665
value:	HIGH
Trust: 0.6
VULMON:	CVE-2020-13987
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-13987
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1

nvd@nist.gov:	CVE-2020-13987
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0

sources: VULMON: CVE-2020-13987 // CNNVD: CNNVD-202012-665 // NVD: CVE-2020-13987

PROBLEMTYPE DATA

problemtype:

CWE-125

Trust: 1.0

sources: NVD: CVE-2020-13987

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202012-665

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202012-665

PATCH

title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=6f577a90958bcf377827f0a4058f673f	Trust: 0.1
title:	Brocade Security Advisories: Access Denied Access Denied	url:	https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories&qid=54887b0d314c8021dc2d190abfce740d	Trust: 0.1

sources: VULMON: CVE-2020-13987

EXTERNAL IDS

db:	NVD	id:	CVE-2020-13987	Trust: 2.6
db:	CERT/CC	id:	VU#815128	Trust: 2.5
db:	ICS CERT	id:	ICSA-20-343-01	Trust: 1.7
db:	SIEMENS	id:	SSA-541018	Trust: 1.7
db:	ICS CERT	id:	ICSA-21-068-06	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.4363	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1235	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.0767	Trust: 0.6
db:	CS-HELP	id:	SB2021122914	Trust: 0.6
db:	CNNVD	id:	CNNVD-202012-665	Trust: 0.6
db:	VULMON	id:	CVE-2020-13987	Trust: 0.1
db:	PACKETSTORM	id:	173799	Trust: 0.1

sources: CERT/CC: VU#815128 // VULMON: CVE-2020-13987 // PACKETSTORM: 173799 // CNNVD: CNNVD-202012-665 // NVD: CVE-2020-13987

REFERENCES

url:	https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01	Trust: 2.3
url:	https://www.kb.cert.org/vuls/id/815128	Trust: 2.3
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf	Trust: 1.7
url:	cve-2020-13984	Trust: 0.8
url:	cve-2020-13985	Trust: 0.8
url:	cve-2020-13986	Trust: 0.8
url:	cve-2020-13987	Trust: 0.8
url:	cve-2020-13988	Trust: 0.8
url:	cve-2020-17437	Trust: 0.8
url:	cve-2020-17438	Trust: 0.8
url:	cve-2020-17439	Trust: 0.8
url:	cve-2020-17440	Trust: 0.8
url:	cve-2020-17441	Trust: 0.8
url:	cve-2020-17442	Trust: 0.8
url:	cve-2020-17443	Trust: 0.8
url:	cve-2020-17444	Trust: 0.8
url:	cve-2020-17445	Trust: 0.8
url:	cve-2020-17467	Trust: 0.8
url:	cve-2020-17468	Trust: 0.8
url:	cve-2020-17469	Trust: 0.8
url:	cve-2020-17470	Trust: 0.8
url:	cve-2020-24334	Trust: 0.8
url:	cve-2020-24335	Trust: 0.8
url:	cve-2020-24336	Trust: 0.8
url:	cve-2020-24337	Trust: 0.8
url:	cve-2020-24338	Trust: 0.8
url:	cve-2020-24339	Trust: 0.8
url:	cve-2020-24340	Trust: 0.8
url:	cve-2020-24341	Trust: 0.8
url:	cve-2020-24383	Trust: 0.8
url:	cve-2020-25107	Trust: 0.8
url:	cve-2020-25108	Trust: 0.8
url:	cve-2020-25109	Trust: 0.8
url:	cve-2020-25110	Trust: 0.8
url:	cve-2020-25111	Trust: 0.8
url:	cve-2020-25112	Trust: 0.8
url:	cve-2021-28362	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-13987	Trust: 0.7
url:	https://www.auscert.org.au/bulletins/esb-2021.1235	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021122914	Trust: 0.6
url:	https://vigilance.fr/vulnerability/uip-out-of-bounds-memory-reading-via-upper-layer-chksum-34719	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.0767	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.4363/	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/icsa-21-068-06	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/125.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.cisa.gov/uscert/ics/advisories/icsa-21-068-06	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-13988	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-17437	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-6259-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/open-iscsi/2.0.874-7.1ubuntu6.4	Trust: 0.1

sources: CERT/CC: VU#815128 // VULMON: CVE-2020-13987 // PACKETSTORM: 173799 // CNNVD: CNNVD-202012-665 // NVD: CVE-2020-13987

CREDITS

This document was written by Vijay Sarvepalli.Statement Date: December 08, 2020

Trust: 0.8

sources: CERT/CC: VU#815128

SOURCES

db:	CERT/CC	id:	VU#815128
db:	VULMON	id:	CVE-2020-13987
db:	PACKETSTORM	id:	173799
db:	CNNVD	id:	CNNVD-202012-665
db:	NVD	id:	CVE-2020-13987

LAST UPDATE DATE

2024-08-14T12:38:46.985000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#815128	date:	2021-05-11T00:00:00
db:	VULMON	id:	CVE-2020-13987	date:	2022-08-06T00:00:00
db:	CNNVD	id:	CNNVD-202012-665	date:	2022-08-10T00:00:00
db:	NVD	id:	CVE-2020-13987	date:	2022-08-06T03:52:03.833

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#815128	date:	2020-12-08T00:00:00
db:	VULMON	id:	CVE-2020-13987	date:	2020-12-11T00:00:00
db:	PACKETSTORM	id:	173799	date:	2023-07-27T14:33:18
db:	CNNVD	id:	CNNVD-202012-665	date:	2020-12-08T00:00:00
db:	NVD	id:	CVE-2020-13987	date:	2020-12-11T22:15:12.543