An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upper_layer_chksum in net/ipv4/uip.c.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf | Patch Third Party Advisory |
https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 | Third Party Advisory US Government Resource |
https://www.kb.cert.org/vuls/id/815128 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
History
06 Aug 2022, 03:52
Type | Values Removed | Values Added |
---|---|---|
First Time |
Siemens sentron 3va Com100
Uip Project Open-iscsi Project open-iscsi Siemens sentron Pac4200 Uip Project uip Siemens sentron 3va Com800 Firmware Siemens sentron Pac4200 Firmware Siemens sentron Pac3200 Firmware Siemens Siemens sentron 3va Com100 Firmware Siemens sentron 3va Com800 Open-iscsi Project Siemens sentron Pac3200 |
|
CPE | cpe:2.3:a:uip_project:uip:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:sentron_pac3200_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:sentron_3va_com800_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:sentron_3va_com800:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:sentron_3va_com100:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:sentron_3va_com100_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:sentron_pac3200:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:sentron_pac4200_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:sentron_pac4200:-:*:*:*:*:*:*:* cpe:2.3:a:open-iscsi_project:open-iscsi:*:*:*:*:*:*:*:* |
|
References | (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf - Patch, Third Party Advisory |
09 Mar 2021, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2020-12-11 22:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-13987
Mitre link : CVE-2020-13987
CVE.ORG link : CVE-2020-13987
JSON object : View
Products Affected
uip_project
- uip
siemens
- sentron_pac3200
- sentron_pac4200
- sentron_3va_com100
- sentron_pac4200_firmware
- sentron_3va_com800_firmware
- sentron_pac3200_firmware
- sentron_3va_com800
- sentron_3va_com100_firmware
open-iscsi_project
- open-iscsi
contiki-os
- contiki
CWE
CWE-125
Out-of-bounds Read