CVE-2020-12886 in Mbed OSالمعلومات

الملخص

بحسب MITRE

A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses the CoAP packet header starting from the message token. The length of the token in the received message is provided in the first byte parsed by the sn_coap_parser_options_parse() function. The length encoded in the message is not validated against the actual input buffer length before accessing the token. As a result, memory access outside of the intended boundary of the buffer may occur.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

حجز

15/05/2020

الاعتدال

تمت الموافقة

إدخال

VDB-156924

EPSS

0.01352

KEV

لا

النشاطات

منخفض جدًا

المصادر

Interested in the pricing of exploits?

See the underground prices here!