Vulnerability Details : CVE-2020-35628

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->incident_sface. An attacker can provide malicious input to trigger this vulnerability.

Published 2021-03-04 20:15:13

Updated 2023-05-30 06:15:16

Source Talos

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2020-35628

Probability of exploitation activity in the next 30 days: 0.35%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 69 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2020-35628

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	nvd@nist.gov
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
10.0	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H	3.9	6.0	talos-cna@cisco.com
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Changed Confidentiality: High Integrity: High Availability: High
9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	nvd@nist.gov
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2020-35628

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

Assigned by: nvd@nist.gov (Secondary)
CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

Assigned by: talos-cna@cisco.com (Primary)

References for CVE-2020-35628

https://security.gentoo.org/glsa/202305-34

CGAL: Multiple Vulnerabilities (GLSA 202305-34) — Gentoo security

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NB5SF5OJR2DSV7CC6U7FVW5VJSJO5EKV/

[SECURITY] Fedora 33 Update: CGAL-5.1.3-1.fc33 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4J344OKKDLPRN422OYRR46HDEN6MM6P/

[SECURITY] Fedora 34 Update: CGAL-5.2.1-1.fc34 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory

CVEs referencing this url
https://lists.debian.org/debian-lts-announce/2021/05/msg00002.html

[SECURITY] [DLA 2649-1] cgal security update
Mailing List;Third Party Advisory

CVEs referencing this url
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225

TALOS-2020-1225 || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence
Technical Description;Third Party Advisory

CVEs referencing this url
https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html

[SECURITY] [DLA 3226-1] cgal security update
Mailing List;Third Party Advisory

CVEs referencing this url

Products affected by CVE-2020-35628

Debian » Debian Linux » Version: 9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 10.0
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 33
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 34
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
Matching versions
Cgal » Computational Geometry Algorithms Library » Version: 5.1.1
cpe:2.3:a:cgal:computational_geometry_algorithms_library:5.1.1:*:*:*:*:*:*:*
Matching versions