CWE-121
Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CVE-2020-1896 (GCVE-0-2020-1896)
Vulnerability from cvelistv5 – Published: 2021-02-02 06:50 – Updated: 2024-08-04 06:53
VLAI
Summary
A stack overflow vulnerability in Facebook Hermes 'builtin apply' prior to commit 86543ac47e59c522976b5632b8bf9a2a4583c7d2 (https://github.com/facebook/hermes/commit/86543ac47e59c522976b5632b8bf9a2a4583c7d2) allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.
Severity
No CVSS data available.
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.facebook.com/security/advisories/cve-… | x_refsource_CONFIRM |
| https://github.com/facebook/hermes/commit/86543ac… | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:59.880Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.facebook.com/security/advisories/cve-2020-1896"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/facebook/hermes/commit/86543ac47e59c522976b5632b8bf9a2a4583c7d2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Hermes",
"vendor": "Facebook",
"versions": [
{
"status": "affected",
"version": "commit prior to 86543ac47e59c522976b5632b8bf9a2a4583c7d2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack overflow vulnerability in Facebook Hermes \u0027builtin apply\u0027 prior to commit 86543ac47e59c522976b5632b8bf9a2a4583c7d2 (https://github.com/facebook/hermes/commit/86543ac47e59c522976b5632b8bf9a2a4583c7d2) allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-11T14:25:42.000Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "facebook"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.facebook.com/security/advisories/cve-2020-1896"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/facebook/hermes/commit/86543ac47e59c522976b5632b8bf9a2a4583c7d2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@fb.com",
"DATE_ASSIGNEDE": "2021-02-01",
"ID": "CVE-2020-1896",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Hermes",
"version": {
"version_data": [
{
"version_value": "commit prior to 86543ac47e59c522976b5632b8bf9a2a4583c7d2"
}
]
}
}
]
},
"vendor_name": "Facebook"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stack overflow vulnerability in Facebook Hermes \u0027builtin apply\u0027 prior to commit 86543ac47e59c522976b5632b8bf9a2a4583c7d2 (https://github.com/facebook/hermes/commit/86543ac47e59c522976b5632b8bf9a2a4583c7d2) allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.facebook.com/security/advisories/cve-2020-1896",
"refsource": "CONFIRM",
"url": "https://www.facebook.com/security/advisories/cve-2020-1896"
},
{
"name": "https://github.com/facebook/hermes/commit/86543ac47e59c522976b5632b8bf9a2a4583c7d2",
"refsource": "CONFIRM",
"url": "https://github.com/facebook/hermes/commit/86543ac47e59c522976b5632b8bf9a2a4583c7d2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "facebook",
"cveId": "CVE-2020-1896",
"datePublished": "2021-02-02T06:50:11.000Z",
"dateReserved": "2019-12-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:59.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1921 (GCVE-0-2020-1921)
Vulnerability from cvelistv5 – Published: 2021-03-10 15:50 – Updated: 2024-08-04 06:54
VLAI
Summary
In the crypt function, we attempt to null terminate a buffer using the size of the input salt without validating that the offset is within the buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions 4.94.0, 4.95.0, 4.96.0, 4.97.0, 4.98.0.
Severity
No CVSS data available.
CWE
- CWE-121 - Stack-based Buffer Overflow (CWE-121)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://hhvm.com/blog/2021/02/25/security-update.html | x_refsource_MISC |
| https://github.com/facebook/hhvm/commit/08193b7f0… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HHVM |
Unaffected:
4.98.1 , < unspecified
(custom)
Affected: 4.98.0 Unaffected: 4.97.1 , < unspecified (custom) Affected: 4.97.0 Unaffected: 4.96.1 , < unspecified (custom) Affected: 4.96.0 Unaffected: 4.95.1 , < unspecified (custom) Affected: 4.95.0 Unaffected: 4.94.1 , < unspecified (custom) Affected: 4.94.0 Unaffected: 4.93.2 , < unspecified (custom) Affected: 4.81.0 , < unspecified (custom) Unaffected: 4.80.2 , < unspecified (custom) Affected: 4.57.0 , < unspecified (custom) Unaffected: 4.56.3 , < unspecified (custom) Affected: unspecified , < 4.56.3 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hhvm.com/blog/2021/02/25/security-update.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/facebook/hhvm/commit/08193b7f0cd3910256e00d599f0f3eb2519c44ca"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HHVM",
"vendor": "Facebook",
"versions": [
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "4.98.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.98.0"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "4.97.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.97.0"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "4.96.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.96.0"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "4.95.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.95.0"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "4.94.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.94.0"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "4.93.2",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "4.81.0",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "4.80.2",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "4.57.0",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "4.56.3",
"versionType": "custom"
},
{
"lessThan": "4.56.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2020-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In the crypt function, we attempt to null terminate a buffer using the size of the input salt without validating that the offset is within the buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions 4.94.0, 4.95.0, 4.96.0, 4.97.0, 4.98.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow (CWE-121)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-10T15:50:30.000Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "facebook"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hhvm.com/blog/2021/02/25/security-update.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/facebook/hhvm/commit/08193b7f0cd3910256e00d599f0f3eb2519c44ca"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@fb.com",
"DATE_ASSIGNED": "2020-12-14",
"ID": "CVE-2020-1921",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HHVM",
"version": {
"version_data": [
{
"version_affected": "!\u003e=",
"version_value": "4.98.1"
},
{
"version_affected": "=",
"version_value": "4.98.0"
},
{
"version_affected": "!\u003e=",
"version_value": "4.97.1"
},
{
"version_affected": "=",
"version_value": "4.97.0"
},
{
"version_affected": "!\u003e=",
"version_value": "4.96.1"
},
{
"version_affected": "=",
"version_value": "4.96.0"
},
{
"version_affected": "!\u003e=",
"version_value": "4.95.1"
},
{
"version_affected": "=",
"version_value": "4.95.0"
},
{
"version_affected": "!\u003e=",
"version_value": "4.94.1"
},
{
"version_affected": "=",
"version_value": "4.94.0"
},
{
"version_affected": "!\u003e=",
"version_value": "4.93.2"
},
{
"version_affected": "\u003e=",
"version_value": "4.81.0"
},
{
"version_affected": "!\u003e=",
"version_value": "4.80.2"
},
{
"version_affected": "\u003e=",
"version_value": "4.57.0"
},
{
"version_affected": "!\u003e=",
"version_value": "4.56.3"
},
{
"version_affected": "\u003c",
"version_value": "4.56.3"
}
]
}
}
]
},
"vendor_name": "Facebook"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the crypt function, we attempt to null terminate a buffer using the size of the input salt without validating that the offset is within the buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions 4.94.0, 4.95.0, 4.96.0, 4.97.0, 4.98.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack-based Buffer Overflow (CWE-121)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hhvm.com/blog/2021/02/25/security-update.html",
"refsource": "MISC",
"url": "https://hhvm.com/blog/2021/02/25/security-update.html"
},
{
"name": "https://github.com/facebook/hhvm/commit/08193b7f0cd3910256e00d599f0f3eb2519c44ca",
"refsource": "MISC",
"url": "https://github.com/facebook/hhvm/commit/08193b7f0cd3910256e00d599f0f3eb2519c44ca"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "facebook",
"cveId": "CVE-2020-1921",
"datePublished": "2021-03-10T15:50:30.000Z",
"dateReserved": "2019-12-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:54:00.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1990 (GCVE-0-2020-1990)
Vulnerability from cvelistv5 – Published: 2020-04-08 18:41 – Updated: 2024-09-17 01:16
VLAI
Title
PAN-OS: Buffer overflow in the management server
Summary
A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS 8.1 versions before 8.1.13; 9.0 versions before 9.0.7. This issue does not affect PAN-OS 7.1.
Severity
7.2 (High)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2020-1990 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | PAN-OS |
Unaffected:
7.1.*
Affected: 8.1 , < 8.1.13 (custom) Affected: 9.0 , < 9.0.7 (custom) |
Date Public
2020-04-08 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-1990"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "7.1.*"
},
{
"changes": [
{
"at": "8.1.13",
"status": "unaffected"
}
],
"lessThan": "8.1.13",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.7",
"status": "unaffected"
}
],
"lessThan": "9.0.7",
"status": "affected",
"version": "9.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Nicholas Newsom of Palo Alto Networks during internal security review."
}
],
"datePublic": "2020-04-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS 8.1 versions before 8.1.13; 9.0 versions before 9.0.7. This issue does not affect PAN-OS 7.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-08T18:41:58.000Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-1990"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7 and all later versions."
}
],
"source": {
"defect": [
"PAN-121319"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-04-08T00:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Buffer overflow in the management server",
"workarounds": [
{
"lang": "en",
"value": "These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 9.0 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2020-04-08T16:00:00.000Z",
"ID": "CVE-2020-1990",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: Buffer overflow in the management server"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.13"
},
{
"version_affected": "\u003c",
"version_name": "9.0",
"version_value": "9.0.7"
},
{
"version_affected": "!\u003e=",
"version_name": "8.1",
"version_value": "8.1.13"
},
{
"version_affected": "!\u003e=",
"version_name": "9.0",
"version_value": "9.0.7"
},
{
"version_affected": "!",
"version_name": "7.1",
"version_value": "7.1.*"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "This issue was discovered by Nicholas Newsom of Palo Alto Networks during internal security review."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS 8.1 versions before 8.1.13; 9.0 versions before 9.0.7. This issue does not affect PAN-OS 7.1."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2020-1990",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2020-1990"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7 and all later versions."
}
],
"source": {
"defect": [
"PAN-121319"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-04-08T00:00:00.000Z",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 9.0 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2020-1990",
"datePublished": "2020-04-08T18:41:58.493Z",
"dateReserved": "2019-12-04T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:16:16.817Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-2000 (GCVE-0-2020-2000)
Vulnerability from cvelistv5 – Published: 2020-11-12 00:05 – Updated: 2024-09-16 16:58
VLAI
Title
PAN-OS: OS command injection and memory corruption vulnerability
Summary
An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.
Severity
7.2 (High)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2020-2000 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | PAN-OS |
Affected:
8.1 , < 8.1.16
(custom)
Affected: 9.0 , < 9.0.10 (custom) Affected: 9.1 , < 9.1.4 (custom) Affected: 10.0 , < 10.0.1 (custom) |
Date Public
2020-11-11 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-2000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "8.1.16",
"status": "unaffected"
}
],
"lessThan": "8.1.16",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.10",
"status": "unaffected"
}
],
"lessThan": "9.0.10",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.4",
"status": "unaffected"
}
],
"lessThan": "9.1.4",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.1",
"status": "unaffected"
}
],
"lessThan": "10.0.1",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
}
],
"datePublic": "2020-11-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."
}
],
"exploits": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-12T00:05:20.000Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-2000"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-149822",
"PAN-150013",
"PAN-150170"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-11-11T00:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: OS command injection and memory corruption vulnerability",
"workarounds": [
{
"lang": "en",
"value": "This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2020-11-11T17:00:00.000Z",
"ID": "CVE-2020-2000",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: OS command injection and memory corruption vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.16"
},
{
"version_affected": "\u003c",
"version_name": "9.0",
"version_value": "9.0.10"
},
{
"version_affected": "\u003c",
"version_name": "9.1",
"version_value": "9.1.4"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.1"
},
{
"version_affected": "!\u003e=",
"version_name": "8.1",
"version_value": "8.1.16"
},
{
"version_affected": "!\u003e=",
"version_name": "9.0",
"version_value": "9.0.10"
},
{
"version_affected": "!\u003e=",
"version_name": "9.1",
"version_value": "9.1.4"
},
{
"version_affected": "!\u003e=",
"version_name": "10.0",
"version_value": "10.0.1"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-78 OS Command Injection"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2020-2000",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2020-2000"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-149822",
"PAN-150013",
"PAN-150170"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-11-11T00:00:00.000Z",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
}
],
"x_advisoryEoL": false,
"x_affectedList": [
"PAN-OS 10.0.0",
"PAN-OS 10.0",
"PAN-OS 9.1.3-h1",
"PAN-OS 9.1.3",
"PAN-OS 9.1.2-h1",
"PAN-OS 9.1.2",
"PAN-OS 9.1.1",
"PAN-OS 9.1.0-h3",
"PAN-OS 9.1.0-h2",
"PAN-OS 9.1.0-h1",
"PAN-OS 9.1.0",
"PAN-OS 9.1",
"PAN-OS 9.0.9-h1",
"PAN-OS 9.0.9",
"PAN-OS 9.0.8",
"PAN-OS 9.0.7",
"PAN-OS 9.0.6",
"PAN-OS 9.0.5",
"PAN-OS 9.0.4",
"PAN-OS 9.0.3-h3",
"PAN-OS 9.0.3-h2",
"PAN-OS 9.0.3-h1",
"PAN-OS 9.0.3",
"PAN-OS 9.0.2-h4",
"PAN-OS 9.0.2-h3",
"PAN-OS 9.0.2-h2",
"PAN-OS 9.0.2-h1",
"PAN-OS 9.0.2",
"PAN-OS 9.0.1",
"PAN-OS 9.0.0",
"PAN-OS 9.0",
"PAN-OS 8.1.15-h3",
"PAN-OS 8.1.15-h2",
"PAN-OS 8.1.15-h1",
"PAN-OS 8.1.15",
"PAN-OS 8.1.14-h2",
"PAN-OS 8.1.14-h1",
"PAN-OS 8.1.14",
"PAN-OS 8.1.13",
"PAN-OS 8.1.12",
"PAN-OS 8.1.11",
"PAN-OS 8.1.10",
"PAN-OS 8.1.9-h4",
"PAN-OS 8.1.9-h3",
"PAN-OS 8.1.9-h2",
"PAN-OS 8.1.9-h1",
"PAN-OS 8.1.9",
"PAN-OS 8.1.8-h5",
"PAN-OS 8.1.8-h4",
"PAN-OS 8.1.8-h3",
"PAN-OS 8.1.8-h2",
"PAN-OS 8.1.8-h1",
"PAN-OS 8.1.8",
"PAN-OS 8.1.7",
"PAN-OS 8.1.6-h2",
"PAN-OS 8.1.6-h1",
"PAN-OS 8.1.6",
"PAN-OS 8.1.5",
"PAN-OS 8.1.4",
"PAN-OS 8.1.3",
"PAN-OS 8.1.2",
"PAN-OS 8.1.1",
"PAN-OS 8.1.0",
"PAN-OS 8.1"
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2020-2000",
"datePublished": "2020-11-12T00:05:20.120Z",
"dateReserved": "2019-12-04T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:58:42.346Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-2006 (GCVE-0-2020-2006)
Vulnerability from cvelistv5 – Published: 2020-05-13 19:07 – Updated: 2024-09-16 16:57
VLAI
Title
PAN-OS: Buffer overflow in management server payload parser
Summary
A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14.
Severity
7.2 (High)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2020-2006 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | PAN-OS |
Affected:
7.1.*
Affected: 8.0.* Affected: 8.1 , < 8.1.14 (custom) |
Date Public
2020-05-13 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.630Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-2006"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "affected",
"version": "7.1.*"
},
{
"status": "affected",
"version": "8.0.*"
},
{
"changes": [
{
"at": "8.1.14",
"status": "unaffected"
}
],
"lessThan": "8.1.14",
"status": "affected",
"version": "8.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Palo Alto Networks thanks Jin Chen of Palo Alto Networks for discovering and reporting this issue."
}
],
"datePublic": "2020-05-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-13T19:07:14.000Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-2006"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.14 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
}
],
"source": {
"defect": [
"PAN-100855"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-05-13T00:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Buffer overflow in management server payload parser",
"workarounds": [
{
"lang": "en",
"value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
"ID": "CVE-2020-2006",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: Buffer overflow in management server payload parser"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.14"
},
{
"version_affected": "!\u003e=",
"version_name": "8.1",
"version_value": "8.1.14"
},
{
"version_affected": "=",
"version_name": "7.1",
"version_value": "7.1.*"
},
{
"version_affected": "=",
"version_name": "8.0",
"version_value": "8.0.*"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Palo Alto Networks thanks Jin Chen of Palo Alto Networks for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2020-2006",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2020-2006"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.14 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
}
],
"source": {
"defect": [
"PAN-100855"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-05-13T00:00:00.000Z",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2020-2006",
"datePublished": "2020-05-13T19:07:14.307Z",
"dateReserved": "2019-12-04T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:57:44.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-2027 (GCVE-0-2020-2027)
Vulnerability from cvelistv5 – Published: 2020-06-10 17:28 – Updated: 2024-09-17 03:17
VLAI
Title
PAN-OS: Buffer overflow in authd authentication response
Summary
A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue affects: All versions of PAN-OS 7.1 and PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.13; PAN-OS 9.0 versions earlier than PAN-OS 9.0.7.
Severity
7.2 (High)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2020-2027 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | PAN-OS |
Affected:
7.1.*
Affected: 8.0.* Affected: 8.1 , < 8.1.13 (custom) Affected: 9.0 , < 9.0.7 (custom) Unaffected: 9.1.0 , < 9.1* (custom) |
Date Public
2020-06-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-2027"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "affected",
"version": "7.1.*"
},
{
"status": "affected",
"version": "8.0.*"
},
{
"changes": [
{
"at": "8.1.13",
"status": "unaffected"
}
],
"lessThan": "8.1.13",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.7",
"status": "unaffected"
}
],
"lessThan": "9.0.7",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"lessThan": "9.1*",
"status": "unaffected",
"version": "9.1.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue affects: All versions of PAN-OS 7.1 and PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.13; PAN-OS 9.0 versions earlier than PAN-OS 9.0.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-10T17:28:15.000Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-2027"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions."
},
{
"lang": "en",
"value": "PAN-OS 8.0 is end-of-life (as of October 31, 2019) and is no longer covered by our Product Security Assurance policies.\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
}
],
"source": {
"defect": [
"CYR-10833"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-06-10T00:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Buffer overflow in authd authentication response",
"workarounds": [
{
"lang": "en",
"value": "This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2020-06-10T16:00:00.000Z",
"ID": "CVE-2020-2027",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: Buffer overflow in authd authentication response"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.13"
},
{
"version_affected": "\u003c",
"version_name": "9.0",
"version_value": "9.0.7"
},
{
"version_affected": "!\u003e=",
"version_name": "8.1",
"version_value": "8.1.13"
},
{
"version_affected": "!\u003e=",
"version_name": "9.0",
"version_value": "9.0.7"
},
{
"version_affected": "!\u003e=",
"version_name": "9.1",
"version_value": "9.1.0"
},
{
"version_affected": "=",
"version_name": "7.1",
"version_value": "7.1.*"
},
{
"version_affected": "=",
"version_name": "8.0",
"version_value": "8.0.*"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue affects: All versions of PAN-OS 7.1 and PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.13; PAN-OS 9.0 versions earlier than PAN-OS 9.0.7."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2020-2027",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2020-2027"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions."
},
{
"lang": "en",
"value": "PAN-OS 8.0 is end-of-life (as of October 31, 2019) and is no longer covered by our Product Security Assurance policies.\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
}
],
"source": {
"defect": [
"CYR-10833"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-06-10T00:00:00.000Z",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2020-2027",
"datePublished": "2020-06-10T17:28:15.853Z",
"dateReserved": "2019-12-04T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:17:38.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-2042 (GCVE-0-2020-2042)
Vulnerability from cvelistv5 – Published: 2020-09-09 16:45 – Updated: 2024-09-17 00:56
VLAI
Title
PAN-OS: Buffer overflow in the management web interface
Summary
A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.
Severity
7.2 (High)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2020-2042 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | PAN-OS |
Unaffected:
9.1.*
Unaffected: 9.0.* Unaffected: 8.1.* Affected: 10.0 , < 10.0.1 (custom) |
Date Public
2020-09-09 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.582Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-2042"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "9.1.*"
},
{
"status": "unaffected",
"version": "9.0.*"
},
{
"status": "unaffected",
"version": "8.1.*"
},
{
"changes": [
{
"at": "10.0.1",
"status": "unaffected"
}
],
"lessThan": "10.0.1",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
}
],
"datePublic": "2020-09-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."
}
],
"exploits": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-09T16:45:28.000Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2020-2042"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 10.0.1 and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-145797",
"PAN-150409"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-09-09T00:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Buffer overflow in the management web interface",
"workarounds": [
{
"lang": "en",
"value": "This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2020-09-09T16:00:00.000Z",
"ID": "CVE-2020-2042",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: Buffer overflow in the management web interface"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.1"
},
{
"version_affected": "!\u003e=",
"version_name": "10.0",
"version_value": "10.0.1"
},
{
"version_affected": "!",
"version_name": "9.1",
"version_value": "9.1.*"
},
{
"version_affected": "!",
"version_name": "9.0",
"version_value": "9.0.*"
},
{
"version_affected": "!",
"version_name": "8.1",
"version_value": "8.1.*"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2020-2042",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2020-2042"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 10.0.1 and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-145797",
"PAN-150409"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2020-09-09T00:00:00.000Z",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2020-2042",
"datePublished": "2020-09-09T16:45:28.844Z",
"dateReserved": "2019-12-04T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:56:17.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-2501 (GCVE-0-2020-2501)
Vulnerability from cvelistv5 – Published: 2021-02-17 03:25 – Updated: 2024-09-16 19:47
VLAI
Title
Stack Buffer Overflow in Surveillance Station
Summary
A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance Station 5.1.5.4.3 (and later) for ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS) Surveillance Station 5.1.5.3.3 (and later) for ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS)
Severity
No CVSS data available.
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.qnap.com/en/security-advisory/qsa-21-07 | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | Surveillance Station |
Affected:
unspecified , < 5.1.5.4.3
(custom)
|
|
| QNAP Systems Inc. | Surveillance Station |
Affected:
unspecified , < 5.1.5.3.3
(custom)
|
Date Public
2021-02-17 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:09:54.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-21-07"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS)"
],
"product": "Surveillance Station",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "5.1.5.4.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS) ."
],
"product": "Surveillance Station",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "5.1.5.3.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "An independent security researcher reported this vulnerability to SSD Secure Disclosure"
}
],
"datePublic": "2021-02-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance Station 5.1.5.4.3 (and later) for ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS) Surveillance Station 5.1.5.3.3 (and later) for ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-17T03:25:13.000Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-21-07"
}
],
"solutions": [
{
"lang": "en",
"value": "QNAP have already fixed this vulnerability in the following versions:\n\nSurveillance Station 5.1.5.4.3 (and later) for ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS)\nSurveillance Station 5.1.5.3.3 (and later) for ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS)"
}
],
"source": {
"advisory": "QSA-21-07",
"discovery": "EXTERNAL"
},
"title": "Stack Buffer Overflow in Surveillance Station",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@qnap.com",
"DATE_PUBLIC": "2021-02-17T00:29:00.000Z",
"ID": "CVE-2020-2501",
"STATE": "PUBLIC",
"TITLE": "Stack Buffer Overflow in Surveillance Station"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Surveillance Station",
"version": {
"version_data": [
{
"platform": "ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS)",
"version_affected": "\u003c",
"version_value": "5.1.5.4.3"
},
{
"platform": "ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS) .",
"version_affected": "\u003c",
"version_value": "5.1.5.3.3"
}
]
}
}
]
},
"vendor_name": "QNAP Systems Inc."
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "An independent security researcher reported this vulnerability to SSD Secure Disclosure"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance Station 5.1.5.4.3 (and later) for ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS) Surveillance Station 5.1.5.3.3 (and later) for ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS)"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qnap.com/en/security-advisory/qsa-21-07",
"refsource": "MISC",
"url": "https://www.qnap.com/en/security-advisory/qsa-21-07"
}
]
},
"solution": [
{
"lang": "en",
"value": "QNAP have already fixed this vulnerability in the following versions:\n\nSurveillance Station 5.1.5.4.3 (and later) for ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS)\nSurveillance Station 5.1.5.3.3 (and later) for ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS)"
}
],
"source": {
"advisory": "QSA-21-07",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2020-2501",
"datePublished": "2021-02-17T03:25:13.658Z",
"dateReserved": "2019-12-09T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:47:04.625Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-25159 (GCVE-0-2020-25159)
Vulnerability from cvelistv5 – Published: 2020-11-24 19:12 – Updated: 2024-09-16 18:09
VLAI
Title
Real Time Automation EtherNet/IP
Summary
499ES EtherNet/IP (ENIP) Adaptor Source Code is vulnerable to a stack-based buffer overflow, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution.
Severity
No CVSS data available.
CWE
- CWE-121 - STACK-BASED BUFFER OVERFLOW CWE-121
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsa-20-324-03 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Real Time Automation | 499ES EtherNet/IP (ENIP) Adaptor Source Code |
Affected:
unspecified , < 2.28
(custom)
|
Date Public
2020-11-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:26:09.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-324-03"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "499ES EtherNet/IP (ENIP) Adaptor Source Code",
"vendor": "Real Time Automation",
"versions": [
{
"lessThan": "2.28",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "499ES EtherNet/IP (ENIP) Adaptor Source Code is vulnerable to a stack-based buffer overflow, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "STACK-BASED BUFFER OVERFLOW CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-24T19:12:51.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-324-03"
}
],
"source": {
"advisory": "ICSA-20-324-03",
"discovery": "UNKNOWN"
},
"title": "Real Time Automation EtherNet/IP",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2020-11-19T18:28:00.000Z",
"ID": "CVE-2020-25159",
"STATE": "PUBLIC",
"TITLE": "Real Time Automation EtherNet/IP"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "499ES EtherNet/IP (ENIP) Adaptor Source Code",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.28"
}
]
}
}
]
},
"vendor_name": "Real Time Automation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "499ES EtherNet/IP (ENIP) Adaptor Source Code is vulnerable to a stack-based buffer overflow, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "STACK-BASED BUFFER OVERFLOW CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-324-03",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-324-03"
}
]
},
"source": {
"advisory": "ICSA-20-324-03",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-25159",
"datePublished": "2020-11-24T19:12:51.664Z",
"dateReserved": "2020-09-04T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:09:26.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-25177 (GCVE-0-2020-25177)
Vulnerability from cvelistv5 – Published: 2020-12-01 14:54 – Updated: 2024-08-04 15:26
VLAI
Summary
WECON PLC Editor Versions 1.3.8 and prior has a stack-based buffer overflow vulnerability has been identified that may allow arbitrary code execution.
Severity
No CVSS data available.
CWE
- CWE-121 - STACK-BASED BUFFER OVERFLOW CWE-121
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsa-20-310-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | WECON PLC Editor |
Affected:
PLC Editor Versions 1.3.8 and prior
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:26:10.177Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-310-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WECON PLC Editor",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "PLC Editor Versions 1.3.8 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WECON PLC Editor Versions 1.3.8 and prior has a stack-based buffer overflow vulnerability has been identified that may allow arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "STACK-BASED BUFFER OVERFLOW CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-01T14:54:39.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-310-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-25177",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WECON PLC Editor",
"version": {
"version_data": [
{
"version_value": "PLC Editor Versions 1.3.8 and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WECON PLC Editor Versions 1.3.8 and prior has a stack-based buffer overflow vulnerability has been identified that may allow arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "STACK-BASED BUFFER OVERFLOW CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-310-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-310-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-25177",
"datePublished": "2020-12-01T14:54:39.000Z",
"dateReserved": "2020-09-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T15:26:10.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation ID: MIT-10
Phases: Operation, Build and Compilation
Strategy: Environment Hardening
Description:
- Use automatic buffer overflow detection mechanisms that are offered by certain compilers or compiler extensions. Examples include: the Microsoft Visual Studio /GS flag, Fedora/Red Hat FORTIFY_SOURCE GCC flag, StackGuard, and ProPolice, which provide various mechanisms including canary-based detection and range/index checking.
- D3-SFCV (Stack Frame Canary Validation) from D3FEND [REF-1334] discusses canary-based detection in detail.
Mitigation
Phase: Architecture and Design
Description:
- Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Phase: Implementation
Description:
- Implement and perform bounds checking on input.
Mitigation
Phase: Implementation
Description:
- Do not use dangerous functions such as gets. Use safer, equivalent functions which check for boundary errors.
Mitigation ID: MIT-11
Phases: Operation, Build and Compilation
Strategy: Environment Hardening
Description:
- Run or compile the software using features or extensions that randomly arrange the positions of a program's executable and libraries in memory. Because this makes the addresses unpredictable, it can prevent an attacker from reliably jumping to exploitable code.
- Examples include Address Space Layout Randomization (ASLR) [REF-58] [REF-60] and Position-Independent Executables (PIE) [REF-64]. Imported modules may be similarly realigned if their default memory addresses conflict with other modules, in a process known as "rebasing" (for Windows) and "prelinking" (for Linux) [REF-1332] using randomly generated addresses. ASLR for libraries cannot be used in conjunction with prelink since it would require relocating the libraries at run-time, defeating the whole purpose of prelinking.
- For more information on these techniques see D3-SAOR (Segment Address Offset Randomization) from D3FEND [REF-1335].
No CAPEC attack patterns related to this CWE.