CVE-2020-25195 - OpenCVE

The length of the input fields of Host Engineering H0-ECOM100, H2-ECOM100, and H4-ECOM100 modules are verified only on the client side when receiving input from the configuration web server, which may allow an attacker to bypass the check and send input to crash the device.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hosteng	H0-ecom100 H0-ecom100 Firmware H2-ecom100 H2-ecom100 Firmware H4-ecom100 H4-ecom100 Firmware

Configuration 1 [-]

AND

cpe:2.3:h:hosteng:h0-ecom100:6:*:*:*:*:*:*:*

cpe:2.3:o:hosteng:h0-ecom100_firmware:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:hosteng:h0-ecom100_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hosteng:h0-ecom100:7:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:h:hosteng:h0-ecom100:9:*:*:*:*:*:*:*

cpe:2.3:o:hosteng:h0-ecom100_firmware:*:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:h:hosteng:h2-ecom100:5:*:*:*:*:*:*:*

cpe:2.3:o:hosteng:h2-ecom100_firmware:*:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:h:hosteng:h2-ecom100:8:*:*:*:*:*:*:*

cpe:2.3:o:hosteng:h2-ecom100_firmware:*:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:h:hosteng:h4-ecom100:-:*:*:*:*:*:*:*

cpe:2.3:o:hosteng:h4-ecom100_firmware:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://us-cert.cisa.gov/ics/advisories/icsa-20-345-02

History

No history.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2020-12-15T19:38:02

Updated: 2024-08-04T15:26:10.231Z

Reserved: 2020-09-04T00:00:00

Link: CVE-2020-25195

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-12-15T20:15:15.980

Modified: 2020-12-18T14:59:37.203

Link: CVE-2020-25195

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Host Engineering H0-ECOM100 Module", "vendor": "n/a", "versions": [{"status": "affected", "version": "Hardware Versions 6x and prior with Firmware Versions 4.0.348 and prior"}, {"status": "affected", "version": "Hardware Version 7x with Firmware Versions 4.1.113 and prior"}, {"status": "affected", "version": "Hardware Version 9x with Firmware Versions 5.0.149 and prior"}]}, {"product": "Host Engineering H2-ECOM100 Module", "vendor": "n/a", "versions": [{"status": "affected", "version": "Hardware Versions 5x and prior with Firmware Versions 4.0.2148 and prior"}, {"status": "affected", "version": "Hardware Version 8x with Firmware Versions 5.0.1043 and prior"}]}, {"product": "Host Engineering H4-ECOM100 Module", "vendor": "n/a", "versions": [{"status": "affected", "version": "Firmware Versions 4.0.2148 and prior"}]}], "descriptions": [{"lang": "en", "value": "The length of the input fields of Host Engineering H0-ECOM100, H2-ECOM100, and H4-ECOM100 modules are verified only on the client side when receiving input from the configuration web server, which may allow an attacker to bypass the check and send input to crash the device."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "IMPROPER INPUT VALIDATION CWE-20", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-12-15T19:38:02", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-345-02"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2020-25195", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Host Engineering H0-ECOM100 Module", "version": {"version_data": [{"version_value": "Hardware Versions 6x and prior with Firmware Versions 4.0.348 and prior"}, {"version_value": "Hardware Version 7x with Firmware Versions 4.1.113 and prior"}, {"version_value": "Hardware Version 9x with Firmware Versions 5.0.149 and prior"}]}}, {"product_name": "Host Engineering H2-ECOM100 Module", "version": {"version_data": [{"version_value": "Hardware Versions 5x and prior with Firmware Versions 4.0.2148 and prior"}, {"version_value": "Hardware Version 8x with Firmware Versions 5.0.1043 and prior"}]}}, {"product_name": "Host Engineering H4-ECOM100 Module", "version": {"version_data": [{"version_value": "Firmware Versions 4.0.2148 and prior"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The length of the input fields of Host Engineering H0-ECOM100, H2-ECOM100, and H4-ECOM100 modules are verified only on the client side when receiving input from the configuration web server, which may allow an attacker to bypass the check and send input to crash the device."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "IMPROPER INPUT VALIDATION CWE-20"}]}]}, "references": {"reference_data": [{"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-345-02", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-345-02"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T15:26:10.231Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-345-02"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2020-25195", "datePublished": "2020-12-15T19:38:02", "dateReserved": "2020-09-04T00:00:00", "dateUpdated": "2024-08-04T15:26:10.231Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:hosteng:h0-ecom100:6:*:*:*:*:*:*:*", "matchCriteriaId": "B5094458-DAF8-49FE-9317-8213649760C4", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:hosteng:h0-ecom100_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "261A5D3D-8ABC-4A38-85B9-43D49B9F30ED", "versionEndIncluding": "4.0.348", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hosteng:h0-ecom100_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7647AB5C-C9AF-4EDC-AD39-9129B462CECC", "versionEndIncluding": "4.1.113", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hosteng:h0-ecom100:7:*:*:*:*:*:*:*", "matchCriteriaId": "5800C95C-7CCA-4968-AD90-4258CA389D49", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:hosteng:h0-ecom100:9:*:*:*:*:*:*:*", "matchCriteriaId": "01EB51BF-6519-4B01-B253-94855091773A", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:hosteng:h0-ecom100_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DED7D3BB-3093-4473-9827-A5750E2C2DA4", "versionEndIncluding": "5.0.149", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:hosteng:h2-ecom100:5:*:*:*:*:*:*:*", "matchCriteriaId": "0FE3FD06-985E-4CEB-AEC4-94FEAA2ABB35", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:hosteng:h2-ecom100_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D145662-CCB8-4626-96EF-62C127D2780E", "versionEndIncluding": "4.0.2148", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:hosteng:h2-ecom100:8:*:*:*:*:*:*:*", "matchCriteriaId": "41006F1C-6D13-484E-A150-8CCF44A0465A", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:hosteng:h2-ecom100_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "35FF4084-D3B2-454F-8D3B-0A55469493A0", "versionEndIncluding": "5.0.1043", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:hosteng:h4-ecom100:-:*:*:*:*:*:*:*", "matchCriteriaId": "63D19A9C-5EC3-4FF0-845E-ECFE11DB7049", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:hosteng:h4-ecom100_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "96566D31-6B83-4695-AF03-C29D275F9D9E", "versionEndIncluding": "4.0.2148", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The length of the input fields of Host Engineering H0-ECOM100, H2-ECOM100, and H4-ECOM100 modules are verified only on the client side when receiving input from the configuration web server, which may allow an attacker to bypass the check and send input to crash the device."}, {"lang": "es", "value": "La longitud de los campos de entrada de los m\u00f3dulos Host Engineering H0-ECOM100, H2-ECOM100 y H4-ECOM100 son verificados solo en el lado del cliente cuando se reciben entradas del servidor web de configuraci\u00f3n, lo que puede permitir a un atacante omitir la comprobaci\u00f3n y enviar entradas para bloquear el dispositivo"}], "id": "CVE-2020-25195", "lastModified": "2020-12-18T14:59:37.203", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-12-15T20:15:15.980", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-345-02"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}