7.5
CVSSv3

CVE-2020-36475

Published: 23/08/2021 Updated: 11/01/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

An issue exists in Mbed TLS prior to 2.25.0 (and prior to 2.16.9 LTS and prior to 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

arm mbed tls

siemens logo\\!_cmr2020_firmware

siemens logo\\!_cmr2040_firmware

siemens simatic_rtu3031c_firmware

siemens simatic_rtu3041c_firmware

siemens simatic_rtu3030c_firmware

siemens simatic_rtu3000c_firmware

debian debian linux 9.0

debian debian linux 10.0