Vulnerability Details : CVE-2020-8516
Potential exploit
The daemon in Tor through 0.4.1.8 and 0.4.2.x through 0.4.2.6 does not verify that a rendezvous node is known before attempting to connect to it, which might make it easier for remote attackers to discover circuit information. NOTE: The network team of Tor claims this is an intended behavior and not a vulnerability.
Products affected by CVE-2020-8516
- cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-8516
- 1.25%: probability of exploitation activity in the next 30 days
- ~ 78%: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-8516
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N | 10.0 | 2.9 | NIST | |
5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 | NIST | |
References for CVE-2020-8516
- https://security-tracker.debian.org/tracker/CVE-2020-8516
  CVE-2020-8516 (Third Party Advisory)
- https://www.hackerfactor.com/blog/index.php?/archives/868-Deanonymizing-Tor-Circuits.html
  Deanonymizing Tor Circuits - The Hacker Factor Blog (Exploit; Mitigation; Technical Description; Third Party Advisory)
- https://lists.torproject.org/pipermail/tor-dev/2020-February/014146.html
  [tor-dev] CVE-2020-8516 Hidden Service deanonymization (Mailing List; Vendor Advisory)
- https://lists.torproject.org/pipermail/tor-dev/2020-February/014147.html
  [tor-dev] CVE-2020-8516 Hidden Service deanonymization (Mailing List; Vendor Advisory)
- https://trac.torproject.org/projects/tor/ticket/33129
  #33129 (Tor node that is not part of the consensus should not be used as rendezvous point with the onion service) – Tor Bug Tracker & Wiki (Issue Tracking; Vendor Advisory)