Sign-up

ID

VAR-202002-0940


CVE

CVE-2020-3924


TITLE

TAT-76 and TAT-77 Injection vulnerabilities in the series

Trust: 0.8

sources: JVNDB: JVNDB-2020-002413

DESCRIPTION

DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET do not properly verify patch files. Attackers can inject a specific command into a patch file and gain access to the system. TAT-76 and TAT-77 There is an injection vulnerability in the series.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Tonnet TAT-76 is a network camera device. Tonnet TAT-76 update function failed to correctly verify the update file. Remote attackers can use this vulnerability to submit special requests and inject commands to obtain device permissions

Trust: 2.16

sources: NVD: CVE-2020-3924 // JVNDB: JVNDB-2020-002413 // CNVD: CNVD-2020-14865

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-14865

AFFECTED PRODUCTS

vendor:tonnetmodel:tat-76108g3scope:lteversion:20181221_76208g3

Trust: 1.0

vendor:tonnetmodel:tat-76116g3scope:lteversion:20181221_76216g3

Trust: 1.0

vendor:tonnetmodel:tat-76132g3scope:lteversion:tat-70832g3_20181221-1

Trust: 1.0

vendor:tonnetmodel:tat-71416g1scope:lteversion:tat-71416g1_20181225

Trust: 1.0

vendor:tonnetmodel:tat-77104g1scope:lteversion:tat-77104g1_20190107

Trust: 1.0

vendor:tonnetmodel:tat-76104g3scope:lteversion:20181220_76104g3

Trust: 1.0

vendor:tonnetmodel:tat-70432nscope:lteversion:tat-77208g1_20181225

Trust: 1.0

vendor:tonnetmodel:tat-71832g1scope:lteversion:tat-71832g1_20190510

Trust: 1.0

vendor:tonnetmodel:tat-70432nscope: - version: -

Trust: 0.8

vendor:tonnetmodel:tat-71416g1scope: - version: -

Trust: 0.8

vendor:tonnetmodel:tat-71832g1scope: - version: -

Trust: 0.8

vendor:tonnetmodel:tat-76104g3scope: - version: -

Trust: 0.8

vendor:tonnetmodel:tat-76108g3scope: - version: -

Trust: 0.8

vendor:tonnetmodel:tat-76116g3scope: - version: -

Trust: 0.8

vendor:tonnetmodel:tat-76132g3scope: - version: -

Trust: 0.8

vendor:tonnetmodel:tat-77104g1scope: - version: -

Trust: 0.8

vendor:tonnetmodel:tat-76scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2020-14865 // JVNDB: JVNDB-2020-002413 // NVD: CVE-2020-3924

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3924
value: CRITICAL

Trust: 1.0

twcert@cert.org.tw: CVE-2020-3924
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2020-002413
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2020-14865
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202002-1288
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2020-3924
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-002413
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-14865
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:H/AU:M/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: MULTIPLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.2
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-3924
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

twcert@cert.org.tw: CVE-2020-3924
baseSeverity: MEDIUM
baseScore: 6.4
vectorString: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: HIGH
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.5
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-002413
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-14865 // JVNDB: JVNDB-2020-002413 // CNNVD: CNNVD-202002-1288 // NVD: CVE-2020-3924 // NVD: CVE-2020-3924

PROBLEMTYPE DATA

problemtype:CWE-77

Trust: 1.0

problemtype:CWE-74

Trust: 0.8

sources: JVNDB: JVNDB-2020-002413 // NVD: CVE-2020-3924

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202002-1288

TYPE

injection

Trust: 0.6

sources: CNNVD: CNNVD-202002-1288

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-002413

PATCH
title:Top Pageurl:https://www.tonnet.com.tw/
Trust: 0.8
title:Patch for Tonnet TAT-76 Command Injection Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/206261
Trust: 0.6
title:Tonnet TAT-76  and TAT-77 Fixes for command injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111090
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-14865 // 
            
            
            
            JVNDB: JVNDB-2020-002413 // 
            
            
            
            CNNVD: CNNVD-202002-1288

EXTERNAL IDS
db:NVDid:CVE-2020-3924
Trust: 3.0
db:TWCERTid:TVN-201910004
Trust: 2.2
db:JVNDBid:JVNDB-2020-002413
Trust: 0.8
db:CNVDid:CNVD-2020-14865
Trust: 0.6
db:CNNVDid:CNNVD-202002-1288
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-14865 // 
            
            
            
            JVNDB: JVNDB-2020-002413 // 
            
            
            
            CNNVD: CNNVD-202002-1288 // 
            
            
            
            NVD: CVE-2020-3924

REFERENCES
url:https://www.chtsecurity.com/news/4ef5eb3a-fdc3-4d78-8dd7-ec7213e2bbcf
Trust: 2.4
url:https://tvn.twcert.org.tw/taiwanvn/tvn-201910004
Trust: 2.2
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3924
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2020-3924
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2020-14865 // 
            
            
            
            JVNDB: JVNDB-2020-002413 // 
            
            
            
            CNNVD: CNNVD-202002-1288 // 
            
            
            
            NVD: CVE-2020-3924

CREDITS
Weber Tsai (CHT Security) , Keniver Wang (CHT Security) , Redhung Chen (CHT Security Intern)
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202002-1288

SOURCES
db:CNVDid:CNVD-2020-14865
db:JVNDBid:JVNDB-2020-002413
db:CNNVDid:CNNVD-202002-1288
db:NVDid:CVE-2020-3924

LAST UPDATE DATE
2024-11-23T22:33:35.401000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-14865date:2020-03-02T00:00:00
db:JVNDBid:JVNDB-2020-002413date:2020-03-13T00:00:00
db:CNNVDid:CNNVD-202002-1288date:2021-01-05T00:00:00
db:NVDid:CVE-2020-3924date:2024-11-21T05:31:58.103

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-14865date:2020-03-02T00:00:00
db:JVNDBid:JVNDB-2020-002413date:2020-03-13T00:00:00
db:CNNVDid:CNNVD-202002-1288date:2020-02-27T00:00:00
db:NVDid:CVE-2020-3924date:2020-02-27T04:15:10.670