PT-2020-14760 · Open Robotics · Ros Comm
Sid Faber
·
Published
2020-10-13
·
Updated
2020-10-22
·
CVE-2020-16124
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
OpenRobotics ros comm communications packages versions Noetic and prior
Description
The issue is related to an Integer Overflow or Wraparound vulnerability in the XML RPC library, which allows unauthenticated network traffic to cause unexpected behavior.
Recommendations
For OpenRobotics ros comm communications packages versions Noetic and prior, apply the fix from https://github.com/ros/ros comm/pull/2065 to resolve the issue.
Fix
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ros Comm