IM
IronMonkey Threat Research

CVE-2017-12820 HIGH

Published: 2017-10-04 | Last Modified: 2026-06-17 | Status: Modified

Description

Arbitrary memory read from controlled memory pointer in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service.

Additional Descriptions (1)

Existe una lectura arbitraria de memoria desde el puntero que controla el acceso a la memoria en los productos HASP SRM, Sentinel HASP y Sentinel LDK de Gemalto anteriores a la versión 7.55 de Sentinel LDK RTE que podría provocar una denegación de servicio (DoS) remota.

CVSS Metrics

Base Score: 5.0 (MEDIUM)

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactNONE
Integrity ImpactNONE
Availability ImpactPARTIAL

Source: [email protected]

Type: Primary

Exploitability Score: 10.0

Impact Score: 2.9

Weaknesses

Source Type Description
[email protected] Primary
en CWE-119

Affected Products

Vendor Product Version Update Type
sentinel sentinel_ldk_rte_firmware * <built-in method update of dict object at 0x72a9b0b68c40> Operating System

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:sentinel:sentinel_ldk_rte_firmware:*:*:*:*:*:*:*:*

References

Notification
Message here