CVE-2022-36054
CVE-2022-36054 is a medium-severity vulnerability in Contiki-ng with a CVSS 3.x base score of 6.8. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-787.
Key facts
- Severity: Medium (CVSS 3.x base score 6.8)
- EPSS exploit prediction: 1% (46th percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-787
- Affected product: Contiki-ng
- Published:
- Last modified:
Description
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The 6LoWPAN implementation in the Contiki-NG operating system (file os/net/ipv6/sicslowpan.c) contains an input function that processes incoming packets and copies them into a packet buffer. Because of a missing length check in the input function, it is possible to write outside the packet buffer's boundary. The vulnerability can be exploited by anyone who has the possibility to send 6LoWPAN packets to a Contiki-NG system. In particular, the vulnerability is exposed when sending either of two types of 6LoWPAN packets: an unfragmented packet or the first fragment of a fragmented packet. If the packet is sufficiently large, a subsequent memory copy will cause an out-of-bounds write with data supplied by the attacker.
Frequently asked questions
- What is CVE-2022-36054?
- Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The 6LoWPAN implementation in the Contiki-NG operating system (file os/net/ipv6/sicslowpan.c) contains an input function that processes incoming packets and copies them into a packet buffer. Because of a missing length check in the input function, it is possible to write outside the packet buffer's boundary. The vulnerability can be exploited by anyone who has the possibility to send 6LoWPAN packets to a Contiki-NG system. In particular, the vulnerability is exposed when sending either of two types of 6LoWPAN packets: an unfragmented packet or the first fragment of a fragmented packet. If the packet is sufficiently large, a subsequent memory copy will cause an out-of-bounds write with data supplied by the attacker.
- How severe is CVE-2022-36054?
- CVE-2022-36054 has a CVSS 3.x base score of 6.8, rated medium severity. It is exploitable over network with high attack complexity, requires low privileges and no user interaction. Impact on confidentiality is high, integrity high, and availability none.
- Is CVE-2022-36054 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (46th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2022-36054?
- CVE-2022-36054 affects Contiki-ng. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2022-36054?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2022-36054 published?
- CVE-2022-36054 was published on 2022-09-01 and last updated on 2026-06-17.
References
- https://github.com/contiki-ng/contiki-ng/pull/1648
- https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-c36p-vhwg-244c
Affected products (1)
- cpe:2.3:o:contiki-ng:contiki-ng:*:*:*:*:*:*:*:*
More vulnerabilities in Contiki-ng
- CVE-2018-19417 — Critical (CVSS 10.0): An issue was discovered in the MQTT server in Contiki-NG before 4.2. The function parse_publish_vhdr() that parses MQTT…
- CVE-2023-30546 — Critical (CVSS 9.8): Contiki-NG is an operating system for Internet of Things devices. An off-by-one error can be triggered in the Antelope…
- CVE-2020-24336 — Critical (CVSS 9.8): An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name…
- CVE-2020-14936 — Critical (CVSS 9.8): Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. Functions parsing the OIDs in SNMP…
- CVE-2020-14935 — Critical (CVSS 9.8): Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP bulk get request response encoding…
- CVE-2020-14934 — Critical (CVSS 9.8): Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. The function parsing the received…
All CVEs affecting Contiki-ng →
Other CWE-787 (Out-of-bounds Write) vulnerabilities
- CVE-2026-42369 — Critical (CVSS 10.0): GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other…
- CVE-2026-4746 — Critical (CVSS 10.0): Out-of-bounds Write vulnerability in timeplus-io proton (base/poco/Foundation/src modules). This vulnerability is…
- CVE-2025-43300 — Critical (CVSS 10.0): An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS…
- CVE-2025-24201 — Critical (CVSS 10.0): An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in…
- CVE-2024-42479 — Critical (CVSS 10.0): llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause…
- CVE-2024-39791 — Critical (CVSS 10.0): Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge…