CVE-2020-17437

Published: Dec 11, 2020
Modified: Jun 17, 2026

CVSS score: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
Exploitability: 3.9 / Impact: 4.2
Source: NVD

Description

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c.
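
The missing length check described above, shown as an added example that is not taken from uip.c or from any vendor patch. The struct, function names and the drop-on-violation policy are assumptions for illustration, and buffer positions are modelled as plain offsets so the unchecked path can be run safely.

```c
#include <stdint.h>
#include <stdio.h>

#define TCP_URG 0x20u  /* URG bit in the TCP flags byte */

/* Hypothetical view of a parsed segment; not uIP's own structures. */
struct segment {
    uint8_t  flags;    /* TCP flags byte */
    uint8_t  urgp[2];  /* Urgent pointer bytes, network byte order */
    size_t   data_off; /* offset of the normal data in the packet buffer */
    uint16_t data_len; /* payload bytes actually received */
};
static uint16_t urgent_ptr(const struct segment *s) {
    return (uint16_t)(((unsigned)s->urgp[0] << 8) | s->urgp[1]);
}

/* Unchecked skip, as the description reports: the offset is trusted. */
static void skip_urgent_unchecked(struct segment *s) {
    if (s->flags & TCP_URG) {
        uint16_t urg = urgent_ptr(s);
        s->data_off += urg;                          /* can pass the buffer end */
        s->data_len = (uint16_t)(s->data_len - urg); /* wraps when urg > len */
    }
}

/* Checked skip: returns 0 on success, -1 if the segment should be dropped. */
static int skip_urgent_checked(struct segment *s) {
    if (s->flags & TCP_URG) {
        uint16_t urg = urgent_ptr(s);
        if (urg > s->data_len) return -1; /* pointer exceeds received payload */
        s->data_off += urg;
        s->data_len = (uint16_t)(s->data_len - urg);
    }
    return 0;
}

/* Constructed input: data at offset 40, 8 payload bytes, Urgent pointer 0xFFF0. */
static struct segment sample(void) {
    return (struct segment){ TCP_URG, { 0xFF, 0xF0 }, 40, 8 };
}

int main(void) {
    struct segment a = sample(), b = sample();
    skip_urgent_unchecked(&a);
    printf("unchecked: off=%zu len=%u\n", a.data_off, (unsigned)a.data_len);
    printf("checked:   rc=%d\n", skip_urgent_checked(&b));
    return 0;
}
```

In the unchecked path the remaining length also wraps around, so any later check that relies on it sees a small, plausible value instead of an error.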

Affected (11)

1 product
Uip
Open Iscsi
9 products
Sentron 3va Com100 Firmware
Sentron 3va Com800 Firmware
Sentron 3va Dsp800 Firmware
Sentron Pac2200 Clp Firmware
Sentron Pac2200 Firmware
Sentron Pac3200 Firmware
Sentron Pac3200t Firmware
Sentron Pac3220 Firmware
Sentron Pac4200 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable software, affected versions: Up to 1.0
Running on/with: Contiki Os Contiki (platform versions: Up to 3.0)
Configuration B
1 vulnerable
Vulnerable software, affected versions: Up to 2.1.7
Configuration C
1 vulnerable · 1 platform
Vulnerable software, affected versions: Before 4.4.1
Running on/with: Siemens Sentron 3va Com100 (platform versions: All versions)
Configuration D
1 vulnerable · 1 platform
Vulnerable software, affected versions: Before 4.4.1
Running on/with: Siemens Sentron 3va Com800 (platform versions: All versions)
Configuration E
1 vulnerable · 1 platform
Vulnerable software, affected versions: Before 4.0
Running on/with: Siemens Sentron 3va Dsp800 (platform versions: All versions)
Configuration F
1 vulnerable · 1 platform
Vulnerable software, affected versions: All versions
Running on/with: Siemens Sentron Pac2200 Clp (platform versions: All versions)
Configuration G
1 vulnerable · 1 platform
Vulnerable software, affected versions: Before 3.2.2
Running on/with: Siemens Sentron Pac2200 (platform versions: All versions)
Configuration H
1 vulnerable · 1 platform
Vulnerable software, affected versions: Before 2.4.7
Running on/with: Siemens Sentron Pac3200 (platform versions: All versions)
Configuration I
1 vulnerable · 1 platform
Vulnerable software, affected versions: Before 3.2.2
Running on/with: Siemens Sentron Pac3200t (platform versions: All versions)
Configuration J
1 vulnerable · 1 platform
Vulnerable software, affected versions: Before 3.2.0
Running on/with: Siemens Sentron Pac3220 (platform versions: All versions)
Configuration K
1 vulnerable · 1 platform
Vulnerable software, affected versions: Before 2.3.0
Running on/with: Siemens Sentron Pac4200 (platform versions: All versions)
