Sane Backends
CVE-2020-12865
HIGH
Severity by source
AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.
AnalysisAI
A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084. Affected products include: Sane-Project Sane Backends, Canonical Ubuntu Linux, Debian Debian Linux, Opensuse Leap. Version information: before 1.0.30.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).
More in Sane Backends
View allA heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as t
A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network
A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as
saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONT
Same weakness CWE-787 – Out-of-bounds Write
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today