Vulnerability Details CVE-2019-20791
OpenThread before 2019-12-13 has a stack-based buffer overflow in MeshCoP::Commissioner::GeneratePskc.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19386
- https://github.com/openthread/openthread/commit/b8c3161281f8e15873f8decabd8eac461717aefe
- https://github.com/openthread/openthread/commit/c3a3a0c424322009fec3ab735fb20ce8f6e19e70
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19386
- https://github.com/openthread/openthread/commit/b8c3161281f8e15873f8decabd8eac461717aefe
- https://github.com/openthread/openthread/commit/c3a3a0c424322009fec3ab735fb20ce8f6e19e70
Products affected by CVE-2019-20791
-
cpe:2.3:o:google:openthread:-
-
cpe:2.3:o:google:openthread:2017-07-16
-
cpe:2.3:o:google:openthread:2018-06-19
-
cpe:2.3:o:google:openthread:2018-09-26
-
cpe:2.3:o:google:openthread:2019-11-13