CVE-2019-20788

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2019-20788
libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00027.html Mailing List Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf Patch Third Party Advisory
https://github.com/LibVNC/libvncserver/commit/54220248886b5001fbbb9fa73c4e1a2cb9413fed Patch Third Party Advisory
https://securitylab.github.com/advisories/GHSL-2020-064-libvnc-libvncclient Exploit Third Party Advisory
https://usn.ubuntu.com/4407-1/ Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:libvnc_project:libvncserver:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:siemens:simatic_itc1500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_itc1500:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:siemens:simatic_itc1500_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_itc1500_pro:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:siemens:simatic_itc1900_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_itc1900:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:siemens:simatic_itc1900_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_itc1900_pro:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:siemens:simatic_itc2200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_itc2200:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:siemens:simatic_itc2200_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_itc2200_pro:-:*:*:*:*:*:*:*
History

10 Mar 2022, 14:54

Type Values Removed Values Added
CPE cpe:2.3:a:libvncserver_project:libvncserver:*:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*		 cpe:2.3:h:siemens:simatic_itc1500_pro:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_itc1900:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_itc1500:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_itc2200:-:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_itc1900_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_itc2200_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_itc1900_pro:-:*:*:*:*:*:*:*
cpe:2.3:a:libvnc_project:libvncserver:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_itc2200_pro:-:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_itc1900_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_itc2200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_itc1500_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_itc1500_firmware:*:*:*:*:*:*:*:*
References (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf - (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf - Patch, Third Party Advisory
First Time Siemens simatic Itc2200
Siemens simatic Itc2200 Pro Firmware
Debian debian Linux
Siemens
Siemens simatic Itc1900 Pro
Debian
Siemens simatic Itc1500
Libvnc Project
Siemens simatic Itc1900
Siemens simatic Itc1900 Firmware
Siemens simatic Itc1900 Pro Firmware
Siemens simatic Itc1500 Pro Firmware
Siemens simatic Itc2200 Firmware
Siemens simatic Itc1500 Firmware
Siemens simatic Itc2200 Pro
Libvnc Project libvncserver
Siemens simatic Itc1500 Pro

14 Dec 2021, 14:15

Type Values Removed Values Added
References
  • (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf -
CWE CWE-787

24 Feb 2021, 19:46

Type Values Removed Values Added
References (UBUNTU) https://usn.ubuntu.com/4407-1/ - (UBUNTU) https://usn.ubuntu.com/4407-1/ - Third Party Advisory
References (MISC) https://securitylab.github.com/advisories/GHSL-2020-064-libvnc-libvncclient - (MISC) https://securitylab.github.com/advisories/GHSL-2020-064-libvnc-libvncclient - Exploit, Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00027.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00027.html - Mailing List, Third Party Advisory
CPE cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

22 Feb 2021, 02:15

Type Values Removed Values Added
References
  • (MISC) https://securitylab.github.com/advisories/GHSL-2020-064-libvnc-libvncclient -
Information

Published : 2020-04-23 19:15

Updated : 2023-12-10 13:27

NVD link : CVE-2019-20788

Mitre link : CVE-2019-20788

CVE.ORG link : CVE-2019-20788

JSON object : View

Products Affected

siemens

  • simatic_itc1500_pro_firmware
  • simatic_itc2200_pro_firmware
  • simatic_itc2200_firmware
  • simatic_itc1900_pro
  • simatic_itc1500
  • simatic_itc1900_firmware
  • simatic_itc1500_pro
  • simatic_itc1500_firmware
  • simatic_itc2200
  • simatic_itc1900_pro_firmware
  • simatic_itc1900
  • simatic_itc2200_pro

canonical

  • ubuntu_linux

libvnc_project

  • libvncserver

debian

  • debian_linux
CWE
CWE-190

Integer Overflow or Wraparound

CWE-787

Out-of-bounds Write