CVE-2020-12338

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-12338

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-12338.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-12338

Published

2020-11-13T20:15:16Z

Modified

2025-10-21T05:21:29.958363Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Insufficient control flow management in the Open WebRTC Toolkit before version 4.3.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00424

Affected packages

Git / github.com/open-webrtc-toolkit/owt-client-native

Affected ranges

Type: GIT
Repo: https://github.com/open-webrtc-toolkit/owt-client-native
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

dffb087843165e3a32782166de39ee69449035ee

Affected versions

v4.*

v4.2

v4.3

Database specific

vanir_signatures

[
    {
        "source": "https://github.com/open-webrtc-toolkit/owt-client-native/commit/dffb087843165e3a32782166de39ee69449035ee",
        "signature_version": "v1",
        "id": "CVE-2020-12338-22ac10a4",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "86310537357742711522554288662252524653",
                "198724102631428920310675164983833046773",
                "312119000461032513070821921209177870753",
                "110777750583977364341555723765607319647",
                "321187096991619065488284454130272409392",
                "6161787724889737251388452123862981765",
                "89682433453315972149695229667773839490",
                "9993649240669818931281174892988084787",
                "318709999147956003696317676473899661606",
                "171437523464922095143021674773466646611",
                "58233326099051410859573081865752948631",
                "243459196542640225937446050150936616037",
                "86877551939388495682508741133385948001",
                "330464372603866535961545736679521691250",
                "238794149573011403034868534810046452667",
                "152056748366073379711756381943643002918",
                "232636778225142373450975805283171619479",
                "240229462547800434724083572398532315987"
            ]
        },
        "deprecated": false,
        "target": {
            "file": "talk/owt/sdk/base/stream.cc"
        }
    },
    {
        "source": "https://github.com/open-webrtc-toolkit/owt-client-native/commit/dffb087843165e3a32782166de39ee69449035ee",
        "signature_version": "v1",
        "id": "CVE-2020-12338-7bd7d8ce",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "220944668747585424659931695874985547546",
                "199266061134502652160859654721878165827",
                "140564883680455505326948841528124601061",
                "297335981029582278399636319640517864741",
                "162054904809002478340726470928596806859",
                "83776471746934918207831601486129033164",
                "320576276794941585190446518972911357915",
                "310861156565995364091000267649519397371"
            ]
        },
        "deprecated": false,
        "target": {
            "file": "talk/owt/sdk/p2p/p2pclient.cc"
        }
    },
    {
        "source": "https://github.com/open-webrtc-toolkit/owt-client-native/commit/dffb087843165e3a32782166de39ee69449035ee",
        "signature_version": "v1",
        "id": "CVE-2020-12338-8083e06d",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "47453765424770021245435967363175417898",
                "112553676758335544199047832832998191615",
                "93586685202667146496840560532332379029",
                "186373980339141930816508746895359360508",
                "198518354869314704725802688909243222013",
                "55507458686353969790794198730525233213",
                "134354208139153006327040520252643188087",
                "232245726520646438951307819888630866928",
                "208995284718038733344246906950484488974",
                "217362428488824770232351384572830730584",
                "306119504383199098112989622046988548195"
            ]
        },
        "deprecated": false,
        "target": {
            "file": "talk/owt/sdk/conference/conferenceclient.cc"
        }
    },
    {
        "source": "https://github.com/open-webrtc-toolkit/owt-client-native/commit/dffb087843165e3a32782166de39ee69449035ee",
        "signature_version": "v1",
        "id": "CVE-2020-12338-b1cf6796",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "149894179034300575106978176431439015097",
                "160744244898794675618642526860331925984",
                "252303588782120151243640212892655540205",
                "118297102586518373120930482333320097892",
                "260794776804708829792565031446645341814"
            ]
        },
        "deprecated": false,
        "target": {
            "file": "talk/owt/sdk/include/cpp/owt/base/stream.h"
        }
    },
    {
        "source": "https://github.com/open-webrtc-toolkit/owt-client-native/commit/dffb087843165e3a32782166de39ee69449035ee",
        "signature_version": "v1",
        "id": "CVE-2020-12338-b31760b5",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "20312599778124906618172744110812495760",
                "250214053694191121139669094850553101524",
                "233275782588892674415398090467324570642",
                "146519576209661216660403257812988966845",
                "225204724360632672728939002656741974269",
                "3601125770601099197546741166727218067",
                "316636957026982994477662834472439046724",
                "176374036522572727126720396800736977310",
                "196225464977635945897980786549816631924",
                "128373319131705038836157100223330174285",
                "338318507619047269167499046966148727975",
                "198433002535987794414368571151804510218",
                "45685551670572888728692762650253563132",
                "156938231475610825888415976328790972254",
                "209538935556711561936469552975645512067",
                "26435434435163505546425000046090038534",
                "158379228964096248648935527713554358663",
                "186042773614190921411969555490050484894",
                "296314121800250234241670019750881385801",
                "96303817958867913904265093094006158339",
                "96464962371252967015454310560882308245",
                "327090016987449698446705059204614213560",
                "332643633189670167731804687216399402233",
                "2916125811031995266904106482786724406",
                "337385835839809511622852814130960266616"
            ]
        },
        "deprecated": false,
        "target": {
            "file": "talk/owt/sdk/base/customizedvideosource.cc"
        }
    },
    {
        "source": "https://github.com/open-webrtc-toolkit/owt-client-native/commit/dffb087843165e3a32782166de39ee69449035ee",
        "signature_version": "v1",
        "id": "CVE-2020-12338-da69c885",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "256324297954870725830070557361066904962",
                "337559938449018069766281489580927575578",
                "222450375385516354430813769623214791428",
                "269972972310206028561852621364893648304",
                "252954006627108299166225618208158666687",
                "83067415305573844777498921164081151653",
                "68835910553978690873668225538299390466",
                "183078390136501467401732727821191548314",
                "291144880928023720224510466967374157620",
                "184556488220591655520409150438745100211",
                "186857411564514158476175851160715162291",
                "62528534961912861962558366938984417630",
                "108729083780678554592151762936353133121",
                "45847813635202177871285505616484375026",
                "90717469606253378472042555627259391606",
                "257067770467335020727882520505942675729",
                "294717996687476849422736794374897538515",
                "129084211761953039397173988194882639735",
                "272585562471655967810258422903150173544",
                "314698610653737018709955680984647802606",
                "234012489790713481695692326864113854936",
                "302495106179360162692103436206473354934",
                "325845518427944480989166523099725188119",
                "183544317894557712631632025532532388575",
                "242528446389848834479448278603007472156",
                "286007528718317458372767293507012640708",
                "91376695078725328463986105512037251758",
                "158197575410976080971868821160928019847"
            ]
        },
        "deprecated": false,
        "target": {
            "file": "talk/owt/sdk/base/customizedvideosource.h"
        }
    }
]