6.5
CVE-2020-10069
- EPSS 0.1%
- Veröffentlicht 25.05.2021 17:15:07
- Zuletzt bearbeitet 21.11.2024 04:54:44
- Quelle vulnerabilities@zephyrproject.
- Teams Watchlist Login
- Unerledigt Login
Zephyr Bluetooth unchecked packet data results in denial of service. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Parameters (CWE-233). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-f6vh-7v4x-8fjp
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zephyrproject ≫ Zephyr Version <= 1.14.2
Zephyrproject ≫ Zephyr Version >= 2.0.0 <= 2.2.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.24 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 3.3 | 6.5 | 2.9 |
AV:A/AC:L/Au:N/C:N/I:N/A:P
|
| vulnerabilities@zephyrproject.org | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
|
CWE-233 Improper Handling of Parameters
The product does not properly handle when the expected number of parameters, fields, or arguments is not provided in input, or if those parameters are undefined.