Vulnerability Name: CVE-2020-6994 (CCN-179069) Assigned: 2020-03-31 Published: 2020-03-31 Updated: 2021-06-17 Summary: A buffer overflow vulnerability was found in some devices of Hirschmann Automation and Control HiOS and HiSecOS. The vulnerability is due to improper parsing of URL arguments. An attacker could exploit this vulnerability by specially crafting HTTP requests to overflow an internal buffer. The following devices using HiOS Version 07.0.02 and lower are affected: RSP, RSPE, RSPS, RSPL, MSP, EES, EES, EESX, GRS, OS, RED. The following devices using HiSecOS Version 03.2.00 and lower are affected: EAGLE20/30. CVSS v3 Severity: 9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
9.8 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-120 Vulnerability Consequences: Gain Access References: Source: MITRECVE-2020-6994 Hirschmann Automation and Control GmbH Classic Platform Switches hirschmann-cve20206994-bo(179069) Hitachi Energy AFF660/665 Series Hitachi Energy AFS660/AFS665 Hirschmann Automation and Control HiOS and HiSecOS Products https://www.us-cert.gov/ics/advisories/icsa-20-091-01 Vulnerable Configuration: Configuration 1 :cpe:/o:belden:hirschmann_hios:*:*:*:*:*:*:*:* (Version <= 07.0.02)AND cpe:/h:belden:hirschmann_embedded_ethernet_switch:-:*:*:*:*:*:*:* OR cpe:/h:belden:hirschmann_embedded_ethernet_switch_extended:-:*:*:*:*:*:*:* OR cpe:/h:belden:hirschmann_greyhound_swtich:-:*:*:*:*:*:*:* OR cpe:/h:belden:hirschmann_mice_switch_power:-:*:*:*:*:*:*:* OR cpe:/h:belden:hirschmann_octopus:-:*:*:*:*:*:*:* OR cpe:/h:belden:hirschmann_prp_redbox:-:*:*:*:*:*:*:* OR cpe:/h:belden:hirschmann_rail_switch_power:-:*:*:*:*:*:*:* OR cpe:/h:belden:hirschmann_rail_switch_power_enhanced:-:*:*:*:*:*:*:* OR cpe:/h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:* OR cpe:/h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:* Configuration 2 :cpe:/o:belden:hirschmann_hisecos:*:*:*:*:*:*:*:* (Version <= 03.2.00)AND cpe:/h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:* OR cpe:/h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/o:hirschmann:hios:*:*:*:*:*:*:*:* OR cpe:/o:hirschmann:hisecos:*:*:*:*:*:*:*:* BACK
belden hirschmann hios *
belden hirschmann embedded ethernet switch -
belden hirschmann embedded ethernet switch extended -
belden hirschmann greyhound swtich -
belden hirschmann mice switch power -
belden hirschmann octopus -
belden hirschmann prp redbox -
belden hirschmann rail switch power -
belden hirschmann rail switch power enhanced -
belden hirschmann rail switch power lite -
belden hirschmann rail switch power smart -
belden hirschmann hisecos *
belden hirschmann eagle20 -
belden hirschmann eagle30 -
hirschmann hios *
hirschmann hisecos *
Denotes that component is vulnerable