CVE-2020-27737 – A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET ( …

22 April 2021

Vuln ID: CVE-2020-27737

Published: 2021-04-22 21:15:09Z

Description: A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions < V2017.02.3), Nucleus Source Code (versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), VSTAR (versions including affected DNS modules). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure.

Source: NVD.NIST.GOV

Date:

22 April 2021

Categorie(s):

NVD

Tag(s):

NVD

Rising Cyber Threats Heighten Financial Stability Risks, IMF Warns18 April 2024
KubeCon EU: Mercedes-Benz’s Migration From Pod Security Policies to Validation Admission Policies18 April 2024
Do you know how easy it is to renew Quick Heal subscription on product?18 April 2024
Cybercrime Index ranks countries by threat level18 April 2024
Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes18 April 2024