Buffer Overflow in Contiki-NG BLE Stack Affects Multiple Versions
CVE-2020-12140

8.8HIGH

Key Information:

Vendor

Contiki-ng

Status
Contiki-ng
Vendor
CVE Published:
7 December 2021

What is CVE-2020-12140?

A buffer overflow vulnerability exists in the BLE stack of Contiki-NG versions 4.4 and earlier. This flaw allows an attacker to execute arbitrary code by sending specially crafted L2CAP frames, potentially compromising the system's security and functionality. Users of affected versions should apply patches or updates promptly to mitigate these risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://twitter.com/ScepticCtf
x_refsource_MISC
https://github.com/contiki-ng/contiki-ng/pull/1662
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.