Vulnerabilities > CVE-2020-16209 - Stack-based Buffer Overflow vulnerability in Fieldcommgroup Hart-Ip Developer KIT Firmware and Hipserver

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

fieldcommgroup

CWE-121

critical

NVD

Published: 2022-05-19

Updated: 2022-06-02

Summary

A malicious attacker could exploit the interface of the Fieldcomm Group HART-IP (release 1.0.0.0) by constructing messages with sufficiently large payloads to overflow the internal buffer and crash the device, or obtain control of the device.

Vulnerable Configurations

Part	Description	Count
Application	Fieldcommgroup Fieldcommgroup Hipserver 3.6.1	1
OS	Fieldcommgroup Fieldcommgroup Hart IP Developer KIT Firmware 1.0.0.0	1
Hardware	Fieldcommgroup Fieldcommgroup Hart IP Developer KIT -	1

Common Weakness Enumeration (CWE)

CWE-121 - Stack-based Buffer Overflow

References

https://www.cisa.gov/uscert/ics/advisories/icsa-20-287-04