CVE-2020-17528 Vulnerability Details

  /     /     /  

CVE-2020-17528 Metadata Quick Info

CVE Published: 09/12/2020 | CVE Updated: 04/08/2024 | CVE Year: 2020
Source: apache | Vendor: Apache Software Foundation | Product: Apache NuttX (incubating)
Status : PUBLISHED

---

CVE-2020-17528 Description

Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying arbitrary urgent data pointer offsets within TCP packets including beyond the length of the packet.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-787
CWE Name: CWE-787 Out-of-bounds Write
Source: Apache Software Foundation

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).