CVE-2020-15795

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2020-15795
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition.

8.1 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.8 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:siemens:nucleus_net:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:nucleus_source_code:-:*:*:*:*:*:*:*
History

08 Aug 2023, 10:15

Type Values Removed Values Added
References
  • {'url': 'https://us-cert.cisa.gov/ics/advisories/icsa-21-103-04', 'name': 'https://us-cert.cisa.gov/ics/advisories/icsa-21-103-04', 'tags': ['Third Party Advisory', 'US Government Resource'], 'refsource': 'CONFIRM'}
  • (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf -
Summary A vulnerability has been identified in Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition. A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition.

29 Apr 2022, 01:52

Type Values Removed Values Added
CPE cpe:2.3:a:siemens:capital_vstar:-:*:*:*:*:*:*:*

11 Jan 2022, 12:15

Type Values Removed Values Added
Summary A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition. A vulnerability has been identified in Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition.

17 Nov 2021, 22:17

Type Values Removed Values Added
Summary A vulnerability has been identified in Nucleus NET (All versions < V5.2), Nucleus RTOS (versions including affected DNS modules), Nucleus Source Code (versions including affected DNS modules), VSTAR (versions including affected DNS modules). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition. A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition.

10 Nov 2021, 01:15

Type Values Removed Values Added
Summary A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition. A vulnerability has been identified in Nucleus NET (All versions < V5.2), Nucleus RTOS (versions including affected DNS modules), Nucleus Source Code (versions including affected DNS modules), VSTAR (versions including affected DNS modules). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition.

09 Nov 2021, 21:26

Type Values Removed Values Added
CPE cpe:2.3:a:siemens:vstar:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:nucleus_rtos:-:*:*:*:*:*:*:*		 cpe:2.3:a:siemens:capital_vstar:-:*:*:*:*:*:*:*

09 Nov 2021, 12:15

Type Values Removed Values Added
Summary A vulnerability has been identified in Nucleus NET (All versions < V5.2), Nucleus RTOS (versions including affected DNS modules), Nucleus Source Code (versions including affected DNS modules), VSTAR (versions including affected DNS modules). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition. A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition.

30 Apr 2021, 17:12

Type Values Removed Values Added
CPE cpe:2.3:a:siemens:nucleus_source_code:-:*:*:*:*:*:*:*
cpe:2.3:a:siemens:nucleus_net:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:nucleus_rtos:-:*:*:*:*:*:*:*
cpe:2.3:a:siemens:vstar:-:*:*:*:*:*:*:*
References (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf - (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf - Vendor Advisory
References (CONFIRM) https://us-cert.cisa.gov/ics/advisories/icsa-21-103-04 - (CONFIRM) https://us-cert.cisa.gov/ics/advisories/icsa-21-103-04 - Third Party Advisory, US Government Resource
CVSS v2 : unknown
v3 : unknown 		v2 : 6.8
v3 : 8.1

23 Apr 2021, 15:15

Type Values Removed Values Added
References
  • (CONFIRM) https://us-cert.cisa.gov/ics/advisories/icsa-21-103-04 -

22 Apr 2021, 21:16

Type Values Removed Values Added
New CVE
Information

Published : 2021-04-22 21:15

Updated : 2023-12-10 13:55

NVD link : CVE-2020-15795

Mitre link : CVE-2020-15795

CVE.ORG link : CVE-2020-15795

JSON object : View

Products Affected

siemens

  • nucleus_net
  • nucleus_source_code
CWE
CWE-787

Out-of-bounds Write