CVE-2019-17210

EPSS 0.4%
Published 04.11.2019 20:15:10
Last modified 21.11.2024 04:31:51
Source cve@mitre.org
Teams watchlist Login
Open Login

A denial-of-service issue was discovered in the MQTT library in Arm Mbed OS 2017-11-02. The function readMQTTLenString() is called by the function MQTTDeserialize_publish() to get the length and content of the MQTT topic name. In the function readMQTTLenString(), mqttstring->lenstring.len is a part of user input, which can be manipulated. An attacker can simply change it to a larger value to invalidate the if statement so that the statements inside the if statement are skipped, letting the value of mqttstring->lenstring.data default to zero. Later, curn is accessed, which points to mqttstring->lenstring.data. On an Arm Cortex-M chip, the value at address 0x0 is actually the initialization value for the MSP register. It is highly dependent on the actual firmware. Therefore, the behavior of the program is unpredictable from this time on.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Arm ≫ Mbed-mqtt Version2017-11-02

Arm ≫ Mbed-os Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.4%	0.579

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://github.com/ARMmbed/mbed-os/issues/11802

Third Party Advisory

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2019-17210

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-17210

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-17210

EUVD