Out-of-Bounds Read Vulnerability in Contiki-NG SNMP Stack

Out-of-Bounds Read Vulnerability in Contiki-NG SNMP Stack

CVE-2020-12141 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier allows an attacker to cause a denial of service and potentially disclose information via crafted SNMP packets to snmp_ber_decode_string_len_buffer in os/net/app-layer/snmp/snmp-ber.c.

Learn more about our Web Application Penetration Testing UK.