CVE-2020-27736

Name of the Vulnerable Software and Affected Versions APOGEE PXC Compact (BACnet) versions prior to V3.5.5 APOGEE PXC Compact (P2 Ethernet) versions prior to V2.8.20 APOGEE PXC Modular (BACnet) versions prior to V3.5.5 APOGEE PXC Modular (P2 Ethernet) versions prior to V2.8.20 Nucleus NET (affected versions not specified) Nucleus ReadyStart V3 versions prior to V2017.02.3 Nucleus ReadyStart V4 versions prior to V4.1.0 Nucleus Source Code (affected versions not specified) SIMOTICS CONNECT 400 versions prior to V0.5.0.0 TALON TC Compact (BACnet) versions prior to V3.5.5 TALON TC Modular (BACnet) versions prior to V3.5.5

Description The issue is related to the DNS domain name label parsing functionality, which does not properly validate the null-terminated name in DNS responses. This could result in a read past the end of an allocated structure when parsing malformed responses. An attacker with a privileged position in the network could leverage this to cause a denial-of-service condition or leak the read memory.

Recommendations For APOGEE PXC Compact (BACnet) versions prior to V3.5.5, update to version V3.5.5 or later. For APOGEE PXC Compact (P2 Ethernet) versions prior to V2.8.20, update to version V2.8.20 or later. For APOGEE PXC Modular (BACnet) versions prior to V3.5.5, update to version V3.5.5 or later. For APOGEE PXC Modular (P2 Ethernet) versions prior to V2.8.20, update to version V2.8.20 or later. For Nucleus NET, Nucleus ReadyStart V3 versions prior to V2017.02.3, update to version V2017.02.3 or later. For Nucleus ReadyStart V4 versions prior to V4.1.0, update to version V4.1.0 or later. For Nucleus Source Code, ensure that the DNS modules are updated to a version that includes the fix. For SIMOTICS CONNECT 400 versions prior to V0.5.0.0, update to version V0.5.0.0 or later. For TALON TC Compact (BACnet) versions prior to V3.5.5, update to version V3.5.5 or later. For TALON TC Modular (BACnet) versions prior to V3.5.5, update to version V3.5.5 or later.