CVE-2020-27738 – A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET ( …

22 April 2021

Vuln ID: CVE-2020-27738

Published: 2021-04-22 21:15:09Z

Description: A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions < V2017.02.3), Nucleus Source Code (versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), VSTAR (versions including affected DNS modules). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition.

Source: NVD.NIST.GOV

Date:

22 April 2021

Categorie(s):

NVD

Tag(s):

NVD

Kaiser Permanente shared 13.4M people’s data with Microsoft Bing, Google, others26 April 2024
Discover How DeepL Write Pro Enhances Accuracy and Security26 April 2024
The #1 Reason Why Organizations Skip Security26 April 2024
Still On CentOS 6? ELevate Can Now Lift and Shift You to a Modern RHEL Clone26 April 2024
Zero Trust strategies for navigating IoT/OT security challenges26 April 2024