CVE-2020-10023

MEDIUM Year: 2020
CVSS v3 Score
6.8
Medium
CVSS v2 Score
4.6
Medium
Weakness Type
CWE-120
View all →

Vulnerability Description

The shell subsystem contains a buffer overflow, whereby an adversary with physical access to the device is able to cause a memory corruption, resulting in denial of service or possibly code execution within the Zephyr kernel. See NCC-NCC-019 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.

Related Vulnerabilities

CVE-2009-4067

MEDIUM
CVSS:6.8(Medium)

Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of ...

CWE-1202009

CVE-2014-8271

MEDIUM
CVSS:6.8(Medium)

Buffer overflow in the Reclaim function in Tianocore EDK2 before SVN 16280 allows physically proximate attackers to gain privileges via a long variable name.

CWE-1202014

CVE-2017-18707

MEDIUM
CVSS:6.8(Medium)

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R8300 before 1.0.2.106 and R8500 before 1.0.2.106.

CWE-1202017

CVE-2017-18770

MEDIUM
CVSS:6.8(Medium)

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R7800 before 1.0.2.36, PLW1000v2 before 1.0.0.14, and PLW1010v2 before 1.0.0.14.

CWE-1202017

CVE-2018-17773

MEDIUM
CVSS:6.8(Medium)

Ingenico Telium 2 POS terminals have a buffer overflow via SOCKET_TASK in the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.

CWE-1202018

CVE-2018-21151

MEDIUM
CVSS:6.8(Medium)

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 bef...

CWE-1202018