An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf | Patch Third Party Advisory |
https://github.com/LibVNC/libvncserver/commit/33441d90a506d5f3ae9388f2752901227e430553 | Patch Third Party Advisory |
https://github.com/LibVNC/libvncserver/compare/LibVNCServer-0.9.12...LibVNCServer-0.9.13 | Release Notes Third Party Advisory |
https://usn.ubuntu.com/4434-1/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
History
10 Mar 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
First Time |
Siemens simatic Itc2200
Siemens simatic Itc2200 Pro Firmware Debian debian Linux Siemens Siemens simatic Itc1900 Pro Siemens simatic Itc1900 Canonical ubuntu Linux Siemens simatic Itc1900 Firmware Siemens simatic Itc1900 Pro Firmware Siemens simatic Itc1500 Pro Firmware Siemens simatic Itc2200 Firmware Siemens simatic Itc1500 Firmware Canonical Siemens simatic Itc2200 Pro Debian Siemens simatic Itc1500 Libvnc Project Libvnc Project libvncserver Siemens simatic Itc1500 Pro |
|
CPE | cpe:2.3:h:siemens:simatic_itc1500_pro:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_itc1500:-:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* cpe:2.3:o:siemens:simatic_itc1900_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_itc2200_pro_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:libvnc_project:libvncserver:*:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:* cpe:2.3:h:siemens:simatic_itc2200_pro:-:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* cpe:2.3:o:siemens:simatic_itc2200_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_itc1500_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_itc1900:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_itc2200:-:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_itc1900_pro:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_itc1500_pro_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_itc1900_pro_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:* |
|
References | (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf - Patch, Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4434-1/ - Third Party Advisory |
14 Dec 2021, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2020-06-17 16:15
Updated : 2023-12-10 13:27
NVD link : CVE-2020-14396
Mitre link : CVE-2020-14396
CVE.ORG link : CVE-2020-14396
JSON object : View
Products Affected
siemens
- simatic_itc1500_pro
- simatic_itc1500_firmware
- simatic_itc1900_firmware
- simatic_itc1900_pro_firmware
- simatic_itc1500
- simatic_itc2200_pro
- simatic_itc2200_pro_firmware
- simatic_itc1900
- simatic_itc2200
- simatic_itc1500_pro_firmware
- simatic_itc2200_firmware
- simatic_itc1900_pro
libvnc_project
- libvncserver
canonical
- ubuntu_linux
debian
- debian_linux
CWE
CWE-476
NULL Pointer Dereference