CVE-2020-13602
Remote Denial of Service in LwM2M do_write_op_tlv
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Remote Denial of Service in LwM2M do_write_op_tlv. Zephyr versions >= 1.14.2, >= 2.2.0 contain Improper Input Validation (CWE-20), Loop with Unreachable Exit Condition ('Infinite Loop') (CWE-835). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-g9mg-fj58-6fqh
Una Denegación de Servicio Remota en la función do_write_op_tlv de LwM2M. Zephyr versiones posteriores a 1.14.2 incluyéndola, versiones posteriores a 2.2.0 incluyéndola, contienen una Comprobación Inapropiada de la Entrada (CWE-20), Bucle con una Condición de Salida Inalcanzable ("Infinite Loop") (CWE-835). Para mayor información, consulte https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-g9mg-fj58-6fqh
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-05-26 CVE Reserved
- 2021-05-24 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CAPEC
References (1)
URL | Tag | Source |
---|---|---|
http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-g9mg-fj58-6fqh | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Zephyrproject Search vendor "Zephyrproject" | Zephyr Search vendor "Zephyrproject" for product "Zephyr" | <= 1.14.2 Search vendor "Zephyrproject" for product "Zephyr" and version " <= 1.14.2" | - |
Affected
| ||||||
Zephyrproject Search vendor "Zephyrproject" | Zephyr Search vendor "Zephyrproject" for product "Zephyr" | >= 2.0.0 <= 2.2.0 Search vendor "Zephyrproject" for product "Zephyr" and version " >= 2.0.0 <= 2.2.0" | - |
Affected
|