PT-2020-10759 · Pion · Pion Dtls

Published: 2020-04-19 · Updated: 2021-06-29 · CVE-2019-20786

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Pion DTLS versions prior to 1.5.2

Description

The issue allows remote attackers to inject arbitrary unencrypted data after handshake completion because the handleIncomingPacket function lacks a check for application data with epoch 0. Packets are improperly verified, so unencrypted packets containing application data are accepted after the initial handshake. An attacker who does not know the session key can exploit this to inject arbitrary data that the client or server believes was encrypted.

Recommendations

For Pion DTLS versions prior to 1.5.2, update to version 1.5.2 or later to resolve the issue. As a temporary workaround, consider implementing additional packet verification measures to prevent the acceptance of unencrypted packets after the initial handshake. Restrict access to sensitive data and functions that rely on encrypted communication to minimize the risk of exploitation.
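The kind of packet verification the description refers to, as an added example (not Pion's own code): a receiver-side check that parses the 13-byte DTLS 1.2 record header and drops application data claiming epoch 0. The names checkRecord and buildRecord are hypothetical, and the sample records are constructed.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// DTLS 1.2 record header: type(1) version(2) epoch(2) sequence(6) length(2).
const (
	recordHeaderLen        = 13
	contentTypeHandshake   = 22
	contentTypeApplication = 23
)

var errShortRecord = errors.New("record shorter than header or declared length")
var errPlaintextData = errors.New("application data with epoch 0 rejected")

// checkRecord parses one record header and refuses application data that
// claims epoch 0, the epoch in use before any cipher state is established.
func checkRecord(pkt []byte) (contentType uint8, epoch uint16, err error) {
	if len(pkt) < recordHeaderLen {
		return 0, 0, errShortRecord
	}
	contentType = pkt[0]
	epoch = binary.BigEndian.Uint16(pkt[3:5])
	length := int(binary.BigEndian.Uint16(pkt[11:13]))
	if len(pkt)-recordHeaderLen < length {
		return contentType, epoch, errShortRecord
	}
	if contentType == contentTypeApplication && epoch == 0 {
		return contentType, epoch, errPlaintextData
	}
	return contentType, epoch, nil
}

// buildRecord assembles a constructed sample record for the demonstration.
func buildRecord(contentType uint8, epoch uint16, payload []byte) []byte {
	h := make([]byte, recordHeaderLen, recordHeaderLen+len(payload))
	h[0], h[1], h[2] = contentType, 0xfe, 0xfd // 0xfefd = DTLS 1.2
	binary.BigEndian.PutUint16(h[3:5], epoch)
	binary.BigEndian.PutUint16(h[11:13], uint16(len(payload)))
	return append(h, payload...)
}

func main() {
	samples := [][2]uint16{{contentTypeHandshake, 0}, {contentTypeApplication, 1}, {contentTypeApplication, 0}}
	for _, s := range samples {
		_, _, err := checkRecord(buildRecord(uint8(s[0]), s[1], []byte("sample")))
		fmt.Printf("type=%d epoch=%d err=%v\n", s[0], s[1], err)
	}
}
```

Handshake records at epoch 0 and application data at a later epoch pass the check; only the combination the advisory describes is rejected.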

Exploit

Fix

Improper Authentication

Weakness Enumeration

Related Identifiers

CVE-2019-20786
GHSA-7GFG-6934-MQQ2
GO-2020-0038

Affected Products

Pion Dtls