CVE-2020-10059 - OpenCVE

The UpdateHub module disables DTLS peer checking, which allows for a man in the middle attack. This is mitigated by firmware images requiring valid signatures. However, there is no benefit to using DTLS without the peer checking. See NCC-ZEP-018 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Zephyrproject	Zephyr

Configuration 1 [-]

OR	cpe:2.3:o:zephyrproject:zephyr:2.1.0:::::::*
	cpe:2.3:o:zephyrproject:zephyr:2.2.0:::::::*

No data.

References

Link	Providers
https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10059
https://github.com/zephyrproject-rtos/zephyr/pull/24954
https://github.com/zephyrproject-rtos/zephyr/pull/24997
https://github.com/zephyrproject-rtos/zephyr/pull/24999
https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-36

History

No history.

MITRE

Status: PUBLISHED

Assigner: zephyr

Published: 2020-05-11T22:26:16.442001Z

Updated: 2024-09-17T02:07:14.701Z

Reserved: 2020-03-04T00:00:00

Link: CVE-2020-10059

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-05-11T23:15:11.973

Modified: 2020-06-05T18:15:12.247

Link: CVE-2020-10059

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "zephyr", "vendor": "zephyrproject-rtos", "versions": [{"lessThan": "unspecified", "status": "affected", "version": "2.1.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "NCC Group for report"}], "datePublic": "2020-05-01T00:00:00", "descriptions": [{"lang": "en", "value": "The UpdateHub module disables DTLS peer checking, which allows for a man in the middle attack. This is mitigated by firmware images requiring valid signatures. However, there is no benefit to using DTLS without the peer checking. See NCC-ZEP-018 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-295", "description": "CWE-295 Improper Certificate Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-06-05T17:37:37", "orgId": "e2e69745-5e70-4e92-8431-deb5529a81ad", "shortName": "zephyr"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-36"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/zephyrproject-rtos/zephyr/pull/24954"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/zephyrproject-rtos/zephyr/pull/24999"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/zephyrproject-rtos/zephyr/pull/24997"}, {"tags": ["x_refsource_MISC"], "url": "https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10059"}], "source": {"defect": ["https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-36"], "discovery": "EXTERNAL"}, "title": "UpdateHub Module Explicitly Disables TLS Verification", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vulnerabilities@zephyrproject.org", "DATE_PUBLIC": "2020-05-01T00:00:00.000Z", "ID": "CVE-2020-10059", "STATE": "PUBLIC", "TITLE": "UpdateHub Module Explicitly Disables TLS Verification"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "zephyr", "version": {"version_data": [{"version_affected": ">=", "version_value": "2.1.0"}]}}]}, "vendor_name": "zephyrproject-rtos"}]}}, "credit": [{"lang": "eng", "value": "NCC Group for report"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The UpdateHub module disables DTLS peer checking, which allows for a man in the middle attack. This is mitigated by firmware images requiring valid signatures. However, there is no benefit to using DTLS without the peer checking. See NCC-ZEP-018 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-295 Improper Certificate Validation"}]}]}, "references": {"reference_data": [{"name": "https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-36", "refsource": "MISC", "url": "https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-36"}, {"name": "https://github.com/zephyrproject-rtos/zephyr/pull/24954", "refsource": "MISC", "url": "https://github.com/zephyrproject-rtos/zephyr/pull/24954"}, {"name": "https://github.com/zephyrproject-rtos/zephyr/pull/24999", "refsource": "MISC", "url": "https://github.com/zephyrproject-rtos/zephyr/pull/24999"}, {"name": "https://github.com/zephyrproject-rtos/zephyr/pull/24997", "refsource": "MISC", "url": "https://github.com/zephyrproject-rtos/zephyr/pull/24997"}, {"name": "https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10059", "refsource": "MISC", "url": "https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10059"}]}, "source": {"defect": ["https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-36"], "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T10:50:57.794Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-36"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/zephyrproject-rtos/zephyr/pull/24954"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/zephyrproject-rtos/zephyr/pull/24999"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/zephyrproject-rtos/zephyr/pull/24997"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10059"}]}]}, "cveMetadata": {"assignerOrgId": "e2e69745-5e70-4e92-8431-deb5529a81ad", "assignerShortName": "zephyr", "cveId": "CVE-2020-10059", "datePublished": "2020-05-11T22:26:16.442001Z", "dateReserved": "2020-03-04T00:00:00", "dateUpdated": "2024-09-17T02:07:14.701Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zephyrproject:zephyr:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "EF33DD80-0286-477C-88A4-FCEC0D80F520", "vulnerable": true}, {"criteria": "cpe:2.3:o:zephyrproject:zephyr:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "677DD0A3-502D-45F1-9CC8-8DDB8F230DFC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The UpdateHub module disables DTLS peer checking, which allows for a man in the middle attack. This is mitigated by firmware images requiring valid signatures. However, there is no benefit to using DTLS without the peer checking. See NCC-ZEP-018 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions."}, {"lang": "es", "value": "El m\u00f3dulo UpdateHub deshabilita la comprobaci\u00f3n del peer DTLS, lo que permite un ataque de tipo man in the middle. Esto es mitigado por im\u00e1genes de firmware que requieren firmas validas. Sin embargo, no existe ning\u00fan beneficio al usar DTLS sin la comprobaci\u00f3n del peer. Consulte NCC-ZEP-018. Este problema afecta a: zephyrproject-rtos zephyr versi\u00f3n 2.1.0 y versiones posteriores."}], "id": "CVE-2020-10059", "lastModified": "2020-06-05T18:15:12.247", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 2.5, "source": "vulnerabilities@zephyrproject.org", "type": "Secondary"}]}, "published": "2020-05-11T23:15:11.973", "references": [{"source": "vulnerabilities@zephyrproject.org", "url": "https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10059"}, {"source": "vulnerabilities@zephyrproject.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/zephyrproject-rtos/zephyr/pull/24954"}, {"source": "vulnerabilities@zephyrproject.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/zephyrproject-rtos/zephyr/pull/24997"}, {"source": "vulnerabilities@zephyrproject.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/zephyrproject-rtos/zephyr/pull/24999"}, {"source": "vulnerabilities@zephyrproject.org", "tags": ["Third Party Advisory"], "url": "https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-36"}], "sourceIdentifier": "vulnerabilities@zephyrproject.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-295"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-295"}], "source": "vulnerabilities@zephyrproject.org", "type": "Secondary"}]}