Vulnerabilities > CVE-2021-33889 - Out-of-bounds Write vulnerability in Openthread Wpantund 20200528/20210702
Attack vector
PHYSICAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
OpenThread wpantund through 2021-07-02 has a stack-based Buffer Overflow because of an inconsistency in the integer data type for metric_len.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Common Weakness Enumeration (CWE)
References
- https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2021-0019/FEYE-2021-0019.md
- https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2021-0019/FEYE-2021-0019.md
- https://github.com/openthread/wpantund/issues/502
- https://github.com/openthread/wpantund/issues/502
- https://github.com/openthread/wpantund/releases
- https://github.com/openthread/wpantund/releases