← Back to CVEs
CVE-2020-16209
CRITICAL9.8
Description
A malicious attacker could exploit the interface of the Fieldcomm Group HART-IP (release 1.0.0.0) by constructing messages with sufficiently large payloads to overflow the internal buffer and crash the device, or obtain control of the device.
CVE Details
CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published5/19/2022
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
fieldcommgroup:hart-ip_developer_kitfieldcommgroup:hart-ip_developer_kit_firmwarefieldcommgroup:hipserver
Weaknesses (CWE)
CWE-121
References
https://www.cisa.gov/uscert/ics/advisories/icsa-20-287-04(ics-cert@hq.dhs.gov)
https://www.cisa.gov/uscert/ics/advisories/icsa-20-287-04(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.