ID

VAR-202012-0126


CVE

CVE-2020-13988


TITLE

Embedded TCP/IP stacks have memory corruption vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#815128

DESCRIPTION

An issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in net/ipv4/uip.c. Multiple open-source embedded TCP/IP stacks, commonly used in Internet of Things (IoT) and embedded devices, have several vulnerabilities stemming from improper memory management. These vulnerabilities are also tracked as ICS-VU-633937 and JVNVU#96491057 as well as the name AMNESIA:33.CVE-2020-13984 Not Affected CVE-2020-13985 Affected CVE-2020-13986 Affected CVE-2020-13987 Affected CVE-2020-13988 Affected CVE-2020-17437 Affected CVE-2020-17438 Affected CVE-2020-17439 Affected CVE-2020-17440 Affected CVE-2020-17441 Not Affected CVE-2020-17442 Not Affected CVE-2020-17443 Not Affected CVE-2020-17444 Not Affected CVE-2020-17445 Not Affected CVE-2020-17467 Not Affected CVE-2020-17468 Not Affected CVE-2020-17469 Not Affected CVE-2020-17470 Not Affected CVE-2020-24334 Affected CVE-2020-24335 Not Affected CVE-2020-24336 Affected CVE-2020-24337 Not Affected CVE-2020-24338 Not Affected CVE-2020-24339 Not Affected CVE-2020-24340 Not Affected CVE-2020-24341 Not Affected CVE-2020-24383 Not Affected CVE-2020-25107 Not Affected CVE-2020-25108 Not Affected CVE-2020-25109 Not Affected CVE-2020-25110 Not Affected CVE-2020-25111 Not Affected CVE-2020-25112 Not Affected CVE-2021-28362 Not AffectedCVE-2020-13984 Not Affected CVE-2020-13985 Affected CVE-2020-13986 Affected CVE-2020-13987 Affected CVE-2020-13988 Affected CVE-2020-17437 Affected CVE-2020-17438 Affected CVE-2020-17439 Affected CVE-2020-17440 Affected CVE-2020-17441 Not Affected CVE-2020-17442 Not Affected CVE-2020-17443 Not Affected CVE-2020-17444 Not Affected CVE-2020-17445 Not Affected CVE-2020-17467 Not Affected CVE-2020-17468 Not Affected CVE-2020-17469 Not Affected CVE-2020-17470 Not Affected CVE-2020-24334 Affected CVE-2020-24335 Not Affected CVE-2020-24336 Affected CVE-2020-24337 Not Affected CVE-2020-24338 Not Affected CVE-2020-24339 Not Affected CVE-2020-24340 Not Affected CVE-2020-24341 Not Affected CVE-2020-24383 Not Affected CVE-2020-25107 Not Affected CVE-2020-25108 Not Affected CVE-2020-25109 Not Affected CVE-2020-25110 Not Affected CVE-2020-25111 Not Affected CVE-2020-25112 Not Affected CVE-2021-28362 Not Affected. Siemens SENTRON PAC3200, etc. are all products of German Siemens (Siemens). Siemens SENTRON PAC3200 is a multifunctional power meter for industrial environments. Siemens SENTRON PAC4200 is a multifunctional power meter for industrial environments. Siemens SIRIUS 3RW5 is a soft start device for industrial environments. The Siemens device has an input verification error vulnerability. Attackers can use this vulnerability to send a specially crafted IP packet to a device located on the same network to trigger a denial of service condition on the device. ========================================================================= Ubuntu Security Notice USN-6259-1 July 27, 2023 open-iscsi vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS (Available with Ubuntu Pro) - Ubuntu 16.04 LTS (Available with Ubuntu Pro) Summary: Several security issues were fixed in Open-iSCSI. Software Description: - open-iscsi: Open Source iSCSI implementation Details: Jos Wetzels, Stanislav Dashevskyi, and Amine Amri discovered that Open-iSCSI incorrectly handled certain checksums for IP packets. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-13987) Jos Wetzels, Stanislav Dashevskyi, Amine Amri discovered that Open-iSCSI incorrectly handled certain parsing TCP MSS options. An attacker could possibly use this issue to cause a crash or cause unexpected behavior. (CVE-2020-13988) Amine Amri and Stanislav Dashevskyi discovered that Open-iSCSI incorrectly handled certain TCP data. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-17437) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: open-iscsi 2.0.874-7.1ubuntu6.4 Ubuntu 18.04 LTS (Available with Ubuntu Pro): open-iscsi 2.0.874-5ubuntu2.11+esm1 Ubuntu 16.04 LTS (Available with Ubuntu Pro): open-iscsi 2.0.873+git0.3b4b4500-14ubuntu3.7+esm1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6259-1 CVE-2020-13987, CVE-2020-13988, CVE-2020-17437 Package Information: https://launchpad.net/ubuntu/+source/open-iscsi/2.0.874-7.1ubuntu6.4

Trust: 2.34

sources: NVD: CVE-2020-13988 // CERT/CC: VU#815128 // CNVD: CNVD-2020-70922 // VULMON: CVE-2020-13988 // PACKETSTORM: 173799

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-70922

AFFECTED PRODUCTS

vendor:contiki ngmodel:contiki-ngscope:lteversion:3.0

Trust: 1.0

vendor:siemensmodel:sirius 3rw5 communication module modbustcpscope: - version: -

Trust: 0.6

vendor:siemensmodel:sentron pac4200scope:ltversion:v2.0.1

Trust: 0.6

vendor:siemensmodel:sentron pac3200scope:ltversion:v2.4.5

Trust: 0.6

sources: CNVD: CNVD-2020-70922 // NVD: CVE-2020-13988

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-13988
value: HIGH

Trust: 1.0

CNVD: CNVD-2020-70922
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202012-718
value: HIGH

Trust: 0.6

VULMON: CVE-2020-13988
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-13988
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

CNVD: CNVD-2020-70922
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-13988
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2020-70922 // VULMON: CVE-2020-13988 // CNNVD: CNNVD-202012-718 // NVD: CVE-2020-13988

PROBLEMTYPE DATA

problemtype:CWE-190

Trust: 1.0

sources: NVD: CVE-2020-13988

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202012-718

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202012-718

PATCH

title:Patch for Vulnerability of input verification errors in many Siemens products (CNVD-2020-70922)url:https://www.cnvd.org.cn/patchInfo/show/241942

Trust: 0.6

title:Multiple Siemens Product input verification error vulnerability fixesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=137438

Trust: 0.6

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=7702f40d3d2988ba9e57c409d53c9e8b

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=6f577a90958bcf377827f0a4058f673f

Trust: 0.1

title:Brocade Security Advisories: Access Denied Access Deniedurl:https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories&qid=54887b0d314c8021dc2d190abfce740d

Trust: 0.1

sources: CNVD: CNVD-2020-70922 // VULMON: CVE-2020-13988 // CNNVD: CNNVD-202012-718

EXTERNAL IDS

db:NVDid:CVE-2020-13988

Trust: 3.2

db:CERT/CCid:VU#815128

Trust: 2.5

db:ICS CERTid:ICSA-20-343-01

Trust: 1.7

db:SIEMENSid:SSA-541017

Trust: 0.7

db:CNVDid:CNVD-2020-70922

Trust: 0.6

db:CS-HELPid:SB2021122914

Trust: 0.6

db:AUSCERTid:ESB-2021.0767

Trust: 0.6

db:AUSCERTid:ESB-2021.1235

Trust: 0.6

db:AUSCERTid:ESB-2020.4359

Trust: 0.6

db:ICS CERTid:ICSA-20-343-05

Trust: 0.6

db:CNNVDid:CNNVD-202012-718

Trust: 0.6

db:VULMONid:CVE-2020-13988

Trust: 0.1

db:PACKETSTORMid:173799

Trust: 0.1

sources: CERT/CC: VU#815128 // CNVD: CNVD-2020-70922 // VULMON: CVE-2020-13988 // PACKETSTORM: 173799 // CNNVD: CNNVD-202012-718 // NVD: CVE-2020-13988

REFERENCES

url:https://www.kb.cert.org/vuls/id/815128

Trust: 2.3

url:https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01

Trust: 1.7

url:cve-2020-13984

Trust: 0.8

url:cve-2020-13985

Trust: 0.8

url:cve-2020-13986

Trust: 0.8

url:cve-2020-13987

Trust: 0.8

url:cve-2020-13988

Trust: 0.8

url:cve-2020-17437

Trust: 0.8

url:cve-2020-17438

Trust: 0.8

url:cve-2020-17439

Trust: 0.8

url:cve-2020-17440

Trust: 0.8

url:cve-2020-17441

Trust: 0.8

url:cve-2020-17442

Trust: 0.8

url:cve-2020-17443

Trust: 0.8

url:cve-2020-17444

Trust: 0.8

url:cve-2020-17445

Trust: 0.8

url:cve-2020-17467

Trust: 0.8

url:cve-2020-17468

Trust: 0.8

url:cve-2020-17469

Trust: 0.8

url:cve-2020-17470

Trust: 0.8

url:cve-2020-24334

Trust: 0.8

url:cve-2020-24335

Trust: 0.8

url:cve-2020-24336

Trust: 0.8

url:cve-2020-24337

Trust: 0.8

url:cve-2020-24338

Trust: 0.8

url:cve-2020-24339

Trust: 0.8

url:cve-2020-24340

Trust: 0.8

url:cve-2020-24341

Trust: 0.8

url:cve-2020-24383

Trust: 0.8

url:cve-2020-25107

Trust: 0.8

url:cve-2020-25108

Trust: 0.8

url:cve-2020-25109

Trust: 0.8

url:cve-2020-25110

Trust: 0.8

url:cve-2020-25111

Trust: 0.8

url:cve-2020-25112

Trust: 0.8

url:cve-2021-28362

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2020-13988

Trust: 0.7

url:https://cert-portal.siemens.com/productcert/pdf/ssa-541017.pdf

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1235

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4359/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021122914

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-20-343-05

Trust: 0.6

url:https://vigilance.fr/vulnerability/uip-integer-overflow-via-uip-process-34720

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0767

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/190.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://cert-portal.siemens.com/productcert/txt/ssa-541017.txt

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13987

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-17437

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-6259-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/open-iscsi/2.0.874-7.1ubuntu6.4

Trust: 0.1

sources: CERT/CC: VU#815128 // CNVD: CNVD-2020-70922 // VULMON: CVE-2020-13988 // PACKETSTORM: 173799 // CNNVD: CNNVD-202012-718 // NVD: CVE-2020-13988

CREDITS

This document was written by Vijay Sarvepalli.Statement Date:   December 08, 2020

Trust: 0.8

sources: CERT/CC: VU#815128

SOURCES

db:CERT/CCid:VU#815128
db:CNVDid:CNVD-2020-70922
db:VULMONid:CVE-2020-13988
db:PACKETSTORMid:173799
db:CNNVDid:CNNVD-202012-718
db:NVDid:CVE-2020-13988

LAST UPDATE DATE

2024-11-23T20:43:26.921000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#815128date:2021-05-11T00:00:00
db:CNVDid:CNVD-2020-70922date:2020-12-12T00:00:00
db:VULMONid:CVE-2020-13988date:2020-12-16T00:00:00
db:CNNVDid:CNNVD-202012-718date:2021-12-30T00:00:00
db:NVDid:CVE-2020-13988date:2024-11-21T05:02:17.837

SOURCES RELEASE DATE

db:CERT/CCid:VU#815128date:2020-12-08T00:00:00
db:CNVDid:CNVD-2020-70922date:2020-12-12T00:00:00
db:VULMONid:CVE-2020-13988date:2020-12-11T00:00:00
db:PACKETSTORMid:173799date:2023-07-27T14:33:18
db:CNNVDid:CNNVD-202012-718date:2020-12-08T00:00:00
db:NVDid:CVE-2020-13988date:2020-12-11T22:15:12.623