Out-of-Bounds Write in open62541 by open62541
CVE-2020-36429

5.5MEDIUM

Key Information:

Vendor

Open62541

Status
Vendor
CVE Published:
20 July 2021

What is CVE-2020-36429?

The variant_encodeJson function in open62541 versions prior to 1.0.4 is susceptible to an out-of-bounds write issue. This vulnerability arises when handling a large recursion depth, potentially allowing an attacker to exploit it. Systems running affected versions are urged to review their implementations and apply updates to mitigate the risks associated with this flaw.

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.