First published: Tue Aug 18 2020(Updated: )
Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. Functions parsing the OIDs in SNMP requests lack sufficient allocated target-buffer capacity verification when writing parsed OID values. The function snmp_oid_decode_oid() may overwrite memory areas beyond the provided target buffer, when called from snmp_message_decode() upon an SNMP request reception. Because the content of the write operations is externally provided in the SNMP requests, it enables a remote overwrite of an IoT device's memory regions beyond the allocated buffer. This overflow may allow remote overwrite of stack and statically allocated variables memory regions by sending a crafted SNMP request.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Contiki-ng Contiki-ng | >=4.4<=4.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this issue is CVE-2020-14936.
The severity of CVE-2020-14936 is critical with a CVSS score of 9.8.
Contiki-NG versions 4.4 through 4.5 are affected by CVE-2020-14936.
The CWE ID of CVE-2020-14936 is CWE-119 and CWE-787.
You can find more information about CVE-2020-14936 at the following references: [Reference 1](https://drive.google.com/file/d/1FypWH_g475jSL0mDFzquaATCeRIHQ2kj/view?usp=sharing), [Reference 2](https://github.com/contiki-ng/contiki-ng/issues/1351).