Contiki-NG 4.4-4.5 SNMP BER Encoder/Decoder Buffer Overflow Vulnerability

Contiki-NG 4.4-4.5 SNMP BER Encoder/Decoder Buffer Overflow Vulnerability

CVE-2020-14937 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Memory access out of buffer boundaries issues was discovered in Contiki-NG 4.4 through 4.5, in the SNMP BER encoder/decoder. The length of provided input/output buffers is insufficiently verified during the encoding and decoding of data. This may lead to out-of-bounds buffer read or write access in BER decoding and encoding functions.

Learn more about our Web Application Penetration Testing UK.