Rewterz Threat Advisory – CVE-2020-12068 – Security update for CODEYS V3 Visualization
May 8, 2020Rewterz Threat Advisory – ICS: Advantech WebAccess Node
May 8, 2020Rewterz Threat Advisory – CVE-2020-12068 – Security update for CODEYS V3 Visualization
May 8, 2020Rewterz Threat Advisory – ICS: Advantech WebAccess Node
May 8, 2020Severity
High
Analysis Summary
CVE-2020-3298
The vulnerability is due to improper memory protection mechanisms while processing certain OSPF packets. An attacker could exploit this vulnerability by sending a series of malformed OSPF packets in a short period of time to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device.
CVE-2020-3195
The vulnerability is due to incorrect processing of certain OSPF packets. An attacker could exploit this vulnerability by sending a series of crafted OSPF packets to be processed by an affected device. A successful exploit could allow the attacker to continuously consume memory on an affected device and eventually cause it to reload, resulting in a denial of service (DoS) condition.
CVE-2020-3259
The vulnerability is due to a buffer tracking issue when the software parses invalid URLs that are requested from the web services interface. An attacker could exploit this vulnerability by sending a crafted GET request to the web services interface. A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information.
CVE-2020-3191
The vulnerability is due to improper length validation of a field in an IPv6 DNS packet. An attacker could exploit this vulnerability by sending a crafted DNS query over IPv6, which traverses the affected device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to DNS over IPv6 traffic only.
CVE-2020-3196
The vulnerability is due to improper resource management for inbound SSL/TLS connections. An attacker could exploit this vulnerability by establishing multiple SSL/TLS connections with specific conditions to the affected device. A successful exploit could allow the attacker to exhaust the memory on the affected device, causing the device to stop accepting new SSL/TLS connections and resulting in a DoS condition for services on the device that process SSL/TLS traffic.
Impact
- Denial of Service
- Exposure of sensitive data
Affected Vendors
Cisco
Affected Products
- Cisco ASA
- Cisco FTD
Remediation
Refer to vendor’s advisory for the list of affected products and upgraded patches.
https://tools.cisco.com/security/center/publicationListing.x