CVE-2020-13543

A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability.

CVSS v3 8.8 HIGH
CVSS v2.0 6.8 MEDIUM

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://security.gentoo.org/glsa/202012-10	Third Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1155	Exploit Technical Description Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html	Not Applicable Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:webkitgtk:webkitgtk:2.30.0:*:*:*:*:*:*:*

History

10 May 2022, 15:46

Type	Values Removed	Values Added
References	~~(MISC) https://www.oracle.com/security-alerts/cpuapr2022.html -~~	(MISC) https://www.oracle.com/security-alerts/cpuapr2022.html - Not Applicable, Third Party Advisory
References	~~(GENTOO) https://security.gentoo.org/glsa/202012-10 -~~	(GENTOO) https://security.gentoo.org/glsa/202012-10 - Third Party Advisory

20 Apr 2022, 00:15

Type	Values Removed	Values Added
References		(MISC) https://www.oracle.com/security-alerts/cpuapr2022.html -

Information

Published : 2020-12-03 17:15

Updated : 2023-12-10 13:41

NVD link : CVE-2020-13543

Mitre link : CVE-2020-13543

CVE.ORG link : CVE-2020-13543

JSON object : View

Products Affected

webkitgtk

webkitgtk

CWE

CWE-416

Use After Free

{"id": "CVE-2020-13543", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2020-12-03T17:15:12.083", "references": [{"url": "https://security.gentoo.org/glsa/202012-10", "tags": ["Third Party Advisory"], "source": "talos-cna@cisco.com"}, {"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1155", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "source": "talos-cna@cisco.com"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": ["Not Applicable", "Third Party Advisory"], "source": "talos-cna@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-416"}]}], "descriptions": [{"lang": "en", "value": "A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo en la funcionalidad WebSocket de Webkit WebKitGTK versi\u00f3n 2.30.0. Una p\u00e1gina web especialmente dise\u00f1ada puede desencadenar una vulnerabilidad de uso de la memoria previamente liberada que puede conllevar a una ejecuci\u00f3n de c\u00f3digo remota. Un atacante puede lograr que un usuario visite una p\u00e1gina web para desencadenar esta vulnerabilidad"}], "lastModified": "2022-05-10T15:46:46.130", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:webkitgtk:webkitgtk:2.30.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37C822F7-B450-488A-B05C-482196E34F44"}], "operator": "OR"}]}], "sourceIdentifier": "talos-cna@cisco.com"}