ByteOS Network

CVE Vulnerability Details :

CVE-2020-25195

PUBLISHED

More Info Official Page

Assigner-icscert

Assigner Org ID-7d14cffa-0d7d-4270-9dc0-52cabd5a23a6

Published At-15 Dec, 2020 | 19:38

Updated At-04 Aug, 2024 | 15:26

▼CVE Numbering Authority (CNA)

The length of the input fields of Host Engineering H0-ECOM100, H2-ECOM100, and H4-ECOM100 modules are verified only on the client side when receiving input from the configuration web server, which may allow an attacker to bypass the check and send input to crash the device.

Affected Products

Vendor

n/a

Product

Host Engineering H0-ECOM100 Module

Versions

Affected

Hardware Versions 6x and prior with Firmware Versions 4.0.348 and prior
Hardware Version 7x with Firmware Versions 4.1.113 and prior
Hardware Version 9x with Firmware Versions 5.0.149 and prior

Vendor

n/a

Product

Host Engineering H2-ECOM100 Module

Versions

Affected

Hardware Versions 5x and prior with Firmware Versions 4.0.2148 and prior
Hardware Version 8x with Firmware Versions 5.0.1043 and prior

Vendor

n/a

Product

Host Engineering H4-ECOM100 Module

Versions

Affected

Firmware Versions 4.0.2148 and prior

Problem Types

Type	CWE ID	Description
CWE	CWE-20	IMPROPER INPUT VALIDATION CWE-20

References

Hyperlink	Resource
https://us-cert.cisa.gov/ics/advisories/icsa-20-345-02	x_refsource_MISC

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://us-cert.cisa.gov/ics/advisories/icsa-20-345-02	x_refsource_MISC x_transferred

Affected Products

Affected

Affected

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References