cbcvebase.
CVE-2020-11899
published 2020-06-17

CVE-2020-11899: The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.

PriorityP276medium5.4CVSS 3.1
AVAACLPRNUINSUCNILAL
KEVITW
CISA Known Exploited Vulnerabilitydue 2022-03-17
Exploited in the wild
EPSS
18.42%
96.9th percentile
The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.

Affected

2 ranges
VendorProductVersion rangeFixed in
paloaltopan-os
trecktcp_ip< 6.0.1.666.0.1.66

Detection & IOCsextracted from sources · hover to see the quote

  • Target systems running Treck TCP/IP stack versions before 6.0.1.66 with IPv6 enabled are vulnerable to out-of-bounds read via malformed IPv6 packets
  • Monitor for exploitation attempts targeting Treck IP stack IPv6 processing; exploitation may result in denial of service or information disclosure observable as anomalous IPv6 traffic or device crashes
  • This vulnerability is part of the 'Ripple20' vulnerability set disclosed on June 16, 2020; threat hunting should include correlation with other Ripple20 CVEs on the same affected hosts
  • ·Cisco products are affected; Cisco Bug IDs CSCvu68945 are associated with this CVE across multiple product lines — check Cisco advisory for specific affected product versions
  • ·The advisory notes it will be updated as additional information becomes available; affected product scope may be broader than initially listed

CVSS provenance

nvdv3.15.4MEDIUMCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
nvdv2.04.8MEDIUMAV:A/AC:L/Au:N/C:N/I:P/A:P
vulncheck5.4MEDIUM
cisa5.4MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.