Vulnerabilities > CVE-2020-27539 - Out-of-bounds Write vulnerability in Company Cs-C2Shw Firmware 5.0.082.1

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

company

CWE-787

NVD

Published: 2021-01-26

Updated: 2021-02-02

Summary

Heap overflow with full parsing of HTTP respose in Rostelecom CS-C2SHW 5.0.082.1. AgentUpdater service has a self-written HTTP parser and builder. HTTP parser has a heap buffer overflow (OOB write). In default configuration camera parses responses only from HTTPS URLs from config file, so vulnerable code is unreachable and one more bug required to reach it.

Vulnerable Configurations

Part	Description	Count
OS	Company Company CS C2Shw Firmware 5.0.082.1	1
Hardware	Company Company CS C2Shw -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://dil4rd.medium.com/groundhog-day-in-iot-valley-or-5-cves-in-1-camera-7dc1d2864707