CVE-2020-5736
Published 2020-04-08
CVE-2020-5736: Amcrest cameras and NVR are vulnerable to a null pointer dereference over port 37777. An authenticated remote attacker can abuse this issue to crash the device.
Priority P433, medium, 6.5 CVSS 3.1
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS: 1.58% (72.5th percentile)
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| amcrest | ip2m-841-v3_firmware | < v2.800.0000000.6.r.200314 | v2.800.0000000.6.r.200314 |
| amcrest | ip2m-841_firmware | < v2.420.ac00.18.r.20200217 | v2.420.ac00.18.r.20200217 |
| amcrest | ip2m-853ew_firmware | < v2.623.00ac004.0.r.200316 | v2.623.00ac004.0.r.200316 |
| amcrest | ip2m-858w_firmware | < v2.623.00ac004.0.r.200316 | v2.623.00ac004.0.r.200316 |
| amcrest | ip2m-866ew_firmware | < v2.623.00ac004.0.r.200316 | v2.623.00ac004.0.r.200316 |
| amcrest | ip2m-866w_firmware | < v2.623.00ac004.0.r.200316 | v2.623.00ac004.0.r.200316 |
| amcrest | ip4m-1053ew_firmware | < v2.623.00ac004.0.r.200316 | v2.623.00ac004.0.r.200316 |
| amcrest | ip8m-2454ew_firmware | < v2.622.00ac000.0.r.200320 | v2.622.00ac000.0.r.200320 |
| amcrest | ip8m-2493eb_firmware | < v2.622.00ac000.0.r.200320 | v2.622.00ac000.0.r.200320 |
| amcrest | ip8m-2496eb_firmware | < v2.622.00ac000.0.r.200320 | v2.622.00ac000.0.r.200320 |
| amcrest | ip8m-2597e_firmware | < v2.800.00ac000.0.r.200330 | v2.800.00ac000.0.r.200330 |
| amcrest | ip8m-mb2546ew_firmware | < v2.622.00ac000.0.r.200320 | v2.622.00ac000.0.r.200320 |
| amcrest | ip8m-mt2544ew_firmware | < v2.622.00ac000.0.r.200320 | v2.622.00ac000.0.r.200320 |
| amcrest | ip8m-t2499ew_firmware | < v2.622.00ac000.0.r.200320 | v2.622.00ac000.0.r.200320 |
| amcrest | ipm-721_firmware | < v2.420.ac00.18.r.20200217 | v2.420.ac00.18.r.20200217 |
| amcrest | ipm-hx1_firmware | < v2.420.ac00.18.r.20200217 | v2.420.ac00.18.r.20200217 |
CVSS provenance
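| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:L/Au:S/C:N/I:N/A:C |
| vendor_redhat | | 8.6 | HIGH | |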
GHSA
GHSA-65jf-2vcm-9v6q: Amcrest cameras and NVR are vulnerable to a null pointer dereference over port 37777
ghsa_unreviewed·2022-05-24
CVE-2020-5736 [MEDIUM] GHSA-65jf-2vcm-9v6q: Amcrest cameras and NVR are vulnerable to a null pointer dereference over port 37777
Red Hat
docker: Security regression of CVE-2019-5736 due to inclusion of vulnerable runc
vendor_redhat·2020-06-23·CVSS 8.6
CVE-2020-14298 [HIGH] CWE-271 docker: Security regression of CVE-2019-5736 due to inclusion of vulnerable runc
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the container host and other containers running on the same host. This issue only affects docker version 1.13.1-108.git4ef4b30.el7, shipped in Red Hat Enterprise Linux 7 Extras. Both earlier and later versions are not affected.
No detection rules found.
No public exploits indexed.
Tenable
Amcrest Camera/NVR Multiple Vulnerabilities
blogs_tenable·2020-04-07
Bugzilla
CVE-2020-14298 docker: Security regression of CVE-2019-5736 due to inclusion of vulnerable runc
bugzilla·2020-06-18·CVSS 8.6
CVE-2020-14298 [HIGH] CVE-2020-14298 docker: Security regression of CVE-2019-5736 due to inclusion of vulnerable runc
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in that update was the fix for CVE-2019-5736, that was previously corrected in the docker packages in Red Hat Enterprise Linux 7 Extras via RHSA-2019:0304 (https://access.redhat.com/errata/RHSA-2019:0304). The CVE-2020-14298 was assigned to this security regression and it is specific to the docker packages produced by Red Hat.
The original issue - CVE-2019-5736 - could possibly allow a privileged process