CVE-2020-6994

Description

A buffer overflow vulnerability was found in some devices of Hirschmann Automation and Control HiOS and HiSecOS. The vulnerability is due to improper parsing of URL arguments. An attacker could exploit this vulnerability by specially crafting HTTP requests to overflow an internal buffer. The following devices using HiOS Version 07.0.02 and lower are affected: RSP, RSPE, RSPS, RSPL, MSP, EES, EES, EESX, GRS, OS, RED. The following devices using HiSecOS Version 03.2.00 and lower are affected: EAGLE20/30.

References

Link	Tags
https://www.us-cert.gov/ics/advisories/icsa-20-091-01	mitigation third party advisory us government resource

Frequently Asked Questions

What is the severity of CVE-2020-6994?: CVE-2020-6994 has been scored as a critical severity vulnerability.
How to fix CVE-2020-6994?: To fix CVE-2020-6994, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2020-6994 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2020-6994 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2020-6994?: CVE-2020-6994 affects Hirschmann Automation and Control GmbH, a division of Belden Inc. HiOS for the following devices RSP, RSPE, RSPS, RSPL, MSP, EES, EES, EESX, GRS, OS, RED, Hirschmann Automation and Control GmbH, a division of Belden Inc. HiSecOS for device EAGLE20/30.

Description

Categories

CWE-12 – ASP.NET Misconfiguration: Missing Custom Error Page

CWE-120 – Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

References

Frequently Asked Questions