CVE-2021-20109
Because the Asset Explorer agent does not validate HTTPS certificates, an attacker on the network can statically configure their IP address to match the Asset Explorer server's IP address. This allows the attacker to send a NEWSCAN request to a listening agent on the network and to receive the agent's HTTP request verifying its authtoken. In AEAgent.cpp, the agent responding back over HTTP is vulnerable to a heap overflow if the POST payload response is too large. The POST payload response is converted to Unicode using vswprintf and written to a buffer only 0x2000 bytes in size. If the POST payload is larger, a heap overflow occurs.
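A bounded form of the conversion described above, as an added example; it is not code from AEAgent.cpp or from the vendor. The function name `widen_response` and the constant `RESP_BUF_BYTES` are hypothetical, and standard C `swprintf` with an explicit element count stands in for the agent's `vswprintf` call.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <wchar.h>

#define RESP_BUF_BYTES 0x2000  /* buffer size stated in the advisory */

/* Hypothetical helper (not from AEAgent.cpp): widen an untrusted narrow
 * response body into a heap buffer of RESP_BUF_BYTES bytes.
 * Returns the wide string (caller frees) or NULL if it does not fit. */
wchar_t *widen_response(const char *body, size_t body_len)
{
    /* Capacity in wchar_t elements, not bytes: handing the byte count to a
     * wide-character API overstates the buffer by a factor of
     * sizeof(wchar_t). */
    const size_t cap = RESP_BUF_BYTES / sizeof(wchar_t);

    /* Reject before converting: at most one wide character is produced per
     * input byte, and one element is reserved for the terminator. */
    if (body == NULL || body_len >= cap)
        return NULL;

    wchar_t *out = malloc(RESP_BUF_BYTES);
    if (out == NULL)
        return NULL;

    /* Bounded conversion: the precision caps the number of wide characters
     * produced, and swprintf reports an error (negative return) instead of
     * writing more than cap elements. Invalid multibyte input also fails. */
    int n = swprintf(out, cap, L"%.*s", (int)body_len, body);
    if (n < 0) {
        free(out);
        return NULL;
    }
    return out;
}
```

The length check is what enforces the limit; the counted `swprintf` is a second line of defence if the check is ever changed.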
EPSS 2.52% · 85.7th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:24.04:LTS | due | 0, 3.0.0-1 |
| Ubuntu:25.10 | due | 0, 3.0.0-1 |
| Ubuntu:22.04:LTS | due | 0, 2.3.0-2, 3.0.0-1 |
Exploit Intelligence
Timeline
- Jul 19, 2021 CVE Published
- Jul 20, 2021 EPSS Score
- Sep 17, 2021 EPSS Score
- Nov 16, 2021 EPSS Score
- Jan 14, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Mar 15, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 13, 2022 EPSS Score
- Sep 10, 2022 EPSS Score
- Nov 9, 2022 EPSS Score
- Jan 7, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-20109 third-party-advisory
- https://www.tenable.com/security/research/tra-2021-30 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-20109 third-party-advisory