CVE-2020-6058

9.1 CRITICAL

📋 TL;DR

CVE-2020-6058 is a critical out-of-bounds read vulnerability in MiniSNMPD version 1.4 that allows attackers to read sensitive memory contents and cause denial of service. Attackers can exploit this by sending specially crafted SNMP packets to vulnerable servers. Organizations running MiniSNMPD 1.4 are affected.

💻 Affected Systems

Products:
  • MiniSNMPD
Versions: Version 1.4
Operating Systems: Linux, Unix-like systems
Default Config Vulnerable: ⚠️ Yes
Notes: Any system running MiniSNMPD 1.4 with SNMP service enabled is vulnerable. The vulnerability is in the packet parsing logic.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise through memory disclosure leading to credential theft, followed by service disruption and potential lateral movement.

🟠 Likely Case

Service disruption (DoS) and leakage of sensitive information from memory, potentially exposing credentials or configuration data.

🟢 If Mitigated

Limited impact with proper network segmentation and SNMP access controls, potentially only causing service restart.

🌐 Internet-Facing: HIGH - Attackers can remotely exploit without authentication via SNMP port (typically UDP 161).
🏢 Internal Only: MEDIUM - Internal attackers or compromised systems could exploit, but requires network access to SNMP service.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires sending crafted SNMP packets to UDP port 161. Public proof-of-concept code exists in vulnerability reports.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 1.5 or later

Vendor Advisory: https://github.com/troglobit/mini-snmpd/releases

Restart Required: Yes

Instructions:

1. Download MiniSNMPD 1.5+ from GitHub.
2. Stop the current MiniSNMPD service.
3. Install the new version.
4. Restart the service.
5. Verify the version is updated.

🔧 Temporary Workarounds

Network Access Control

linux

Restrict SNMP access to trusted networks only using firewall rules.

iptables -A INPUT -p udp --dport 161 -s TRUSTED_NETWORK -j ACCEPT
iptables -A INPUT -p udp --dport 161 -j DROP

Service Disablement

linux

Disable MiniSNMPD service if not required.

systemctl stop mini-snmpd
systemctl disable mini-snmpd

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate SNMP traffic to management networks only.
  • Deploy intrusion detection systems to monitor for SNMP exploitation attempts and alert on anomalous packets.

🔍 How to Verify

Check if Vulnerable:

Check if MiniSNMPD version 1.4 is running: 'ps aux | grep mini-snmpd' and check version in output or configuration.

Check Version:

mini-snmpd -v 2>/dev/null || grep version /etc/mini-snmpd.conf

Verify Fix Applied:

Verify the version is 1.5 or higher: 'mini-snmpd -v' or check service status and version in package manager.

📡 Detection & Monitoring

Log Indicators:

  • SNMP service crashes or restarts in system logs
  • Unusual SNMP request patterns in application logs

Network Indicators:

  • Malformed SNMP packets to UDP port 161
  • High volume of SNMP requests from single sources

SIEM Query:

destination_port:161 AND (packet_size:>1500 OR protocol_anomaly:true)
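
A structural check for the "Malformed SNMP packets to UDP port 161" indicator, as an added example that is not part of this advisory or of the MiniSNMPD code base. It assumes community-based SNMPv1/v2c framing and treats "malformed" as BER lengths that run past the datagram, which is an assumption and not a description of this CVE's trigger; the function names and sample bytes are constructed.

```python
class Malformed(ValueError):
    """Raised when a BER header or length does not fit inside its container."""

def read_tlv(buf, pos, limit):
    """Parse one BER TLV at pos; return (tag, value_start, value_end)."""
    if pos + 2 > limit:
        raise Malformed("truncated TLV header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                       # short form: the byte is the length
        length = first
    else:                                  # long form: low 7 bits count length bytes
        n = first & 0x7F
        if n == 0 or n > 4:
            raise Malformed("indefinite or oversized length field")
        if pos + n > limit:
            raise Malformed("truncated length field")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if length > limit - pos:               # the bound every later read depends on
        raise Malformed(f"declared length {length} exceeds {limit - pos} remaining bytes")
    return tag, pos, pos + length

def check_snmp(payload):
    """Return None if the v1/v2c envelope is consistent, else a reason string."""
    try:
        tag, pos, end = read_tlv(payload, 0, len(payload))
        if tag != 0x30:
            raise Malformed("outer tag is not SEQUENCE")
        for want, name in ((0x02, "version"), (0x04, "community")):
            tag, _, pos = read_tlv(payload, pos, end)
            if tag != want:
                raise Malformed(f"{name} has unexpected tag 0x{tag:02x}")
        tag, _, _ = read_tlv(payload, pos, end)
        if tag & 0xE0 != 0xA0:
            raise Malformed("PDU tag is not context-specific constructed")
    except Malformed as exc:
        return str(exc)
    return None

# Constructed sample: SNMPv1 GetRequest, community "public", sysDescr.0.
GOOD = bytes.fromhex("302902010004067075626c6963a01c020400000001"
                     "020100020100300e300c06082b060102010101000500")
TRUNCATED = GOOD[:20]                      # constructed: datagram cut short

if __name__ == "__main__":
    for label, pkt in (("good", GOOD), ("truncated", TRUNCATED)):
        print(label, "->", check_snmp(pkt) or "ok")
```

Fed UDP payloads from a capture or sensor, any non-None result can be used to set the protocol_anomaly field referenced in the SIEM query.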
