CVE-2020-10023

The shell subsystem contains a buffer overflow, whereby an adversary with physical access to the device is able to cause a memory corruption, resulting in denial of service or possibly code execution within the Zephyr kernel. See NCC-NCC-019 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.

CVSS v3 6.9 MEDIUM
CVSS v2.0 4.6 MEDIUM

6.9^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.3 / Impact : 6.0

Attack Vector PHYSICAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

4.6^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10023
https://github.com/zephyrproject-rtos/zephyr/pull/23304	Patch Third Party Advisory
https://github.com/zephyrproject-rtos/zephyr/pull/23646	Patch Third Party Advisory
https://github.com/zephyrproject-rtos/zephyr/pull/23649	Patch Third Party Advisory
https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-29	Third Party Advisory
https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10023
https://github.com/zephyrproject-rtos/zephyr/pull/23304	Patch Third Party Advisory
https://github.com/zephyrproject-rtos/zephyr/pull/23646	Patch Third Party Advisory
https://github.com/zephyrproject-rtos/zephyr/pull/23649	Patch Third Party Advisory
https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-29	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:zephyrproject:zephyr:1.14.1:::::::*
	cpe:2.3:o:zephyrproject:zephyr:2.1.0:::::::*

History

No history.

Information

Published : 2020-05-11 23:15

Updated : 2024-11-21 04:54

NVD link : CVE-2020-10023

Mitre link : CVE-2020-10023

CVE.ORG link : CVE-2020-10023

JSON object : View

Products Affected

zephyrproject

zephyr

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

{"id": "CVE-2020-10023", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "vulnerabilities@zephyrproject.org", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.9, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 0.3}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.9}]}, "published": "2020-05-11T23:15:11.520", "references": [{"url": "https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10023", "source": "vulnerabilities@zephyrproject.org"}, {"url": "https://github.com/zephyrproject-rtos/zephyr/pull/23304", "tags": ["Patch", "Third Party Advisory"], "source": "vulnerabilities@zephyrproject.org"}, {"url": "https://github.com/zephyrproject-rtos/zephyr/pull/23646", "tags": ["Patch", "Third Party Advisory"], "source": "vulnerabilities@zephyrproject.org"}, {"url": "https://github.com/zephyrproject-rtos/zephyr/pull/23649", "tags": ["Patch", "Third Party Advisory"], "source": "vulnerabilities@zephyrproject.org"}, {"url": "https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-29", "tags": ["Third Party Advisory"], "source": "vulnerabilities@zephyrproject.org"}, {"url": "https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10023", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/zephyrproject-rtos/zephyr/pull/23304", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/zephyrproject-rtos/zephyr/pull/23646", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/zephyrproject-rtos/zephyr/pull/23649", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-29", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "vulnerabilities@zephyrproject.org", "description": [{"lang": "en", "value": "CWE-120"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "The shell subsystem contains a buffer overflow, whereby an adversary with physical access to the device is able to cause a memory corruption, resulting in denial of service or possibly code execution within the Zephyr kernel. See NCC-NCC-019 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions."}, {"lang": "es", "value": "El subsistema shell contiene un desbordamiento de b\u00fafer, por lo que un adversario con acceso f\u00edsico al dispositivo es capaz de causar una corrupci\u00f3n de la memoria, resultando en una denegaci\u00f3n de servicio o posiblemente en una ejecuci\u00f3n de c\u00f3digo dentro del kernel de Zephyr. Consulte NCC-NCC-019. Este problema afecta a: zephyrproject-rtos zephyr versi\u00f3n 1.14.0 y versiones posteriores. Versi\u00f3n 2.1.0 y versiones posteriores."}], "lastModified": "2024-11-21T04:54:40.370", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zephyrproject:zephyr:1.14.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C64F3EAF-D161-42D2-80B4-5459C0AB45BE"}, {"criteria": "cpe:2.3:o:zephyrproject:zephyr:2.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF33DD80-0286-477C-88A4-FCEC0D80F520"}], "operator": "OR"}]}], "sourceIdentifier": "vulnerabilities@zephyrproject.org"}