CVE-2020-11906
published 2020-06-17CVE-2020-11906: The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow.
PriorityP429medium6.3CVSS 3.1
AVAACLPRNUINSUCLILAL
EPSS
1.96%
77.8th percentile
The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| paloalto | pan-os | — | — |
| treck | tcp_ip | < 6.0.1.66 | 6.0.1.66 |
CVSS provenance
nvdv3.16.3MEDIUMCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
nvdv2.05.8MEDIUMAV:A/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Treck TCP/IP Stack (Update I)
cisa_ics·2024-09-19·CVSS 10.0
[CRITICAL] Treck TCP/IP Stack (Update I)
ICS Advisory
##
Treck TCP/IP Stack (Update I)
Last RevisedSeptember 19, 2024
Alert CodeICSA-20-168-01
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 10.0
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Treck Inc.
- Equipment: TCP/IP
- Vulnerabilities: Improper Handling of Length Parameter Inconsistency, Improper Input Validation, Double Free, Out-of-bounds Read, Integer Overflow or Wraparound, Improper Null Termination, Improper Access Control
CISA is aware of a public report, known as "Ripple20" that details vulnerabilities found in the Treck TCP/IP stack. CISA is issuing this advisory to provide early notice of the reported vulnerabilities and identify
Palo Alto
PAN
vendor_paloalto·2020-07-08·CVSS 9.8
CVE-2013-7459 [CRITICAL] PAN
PAN
The Palo Alto Networks Product Security Assurance team has evaluated and determined that these third-party or open source vulnerabilities do not have any security impact on PAN-OS or that the scenarios required for successful
CVEs: CVE-2013-7459, CVE-2018-1120, CVE-2018-1121, CVE-2018-1122, CVE-2018-1123, CVE-2018-1124, CVE-2018-16402, CVE-2020-11022, CVE-2020-11023, CVE-2020-11896, CVE-2020-11897, CVE-2020-11898, CVE-2020-11899, CVE-2020-11900, CVE-2020-11901, CVE-2020-11902, CVE-2020-11903, CVE-2020-11904, CVE-2020-11905, CVE-2020-11906, CVE-2020-11907, CVE-2020-11908, CVE-2020-11909, CVE-2020-11910, CVE-2020-11911, CVE-2020-11912, CVE-2020-11913, CVE-2020-11914
Affected products: PAN-OS
Cisco
Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020
vendor_cisco·2020-06-17
CVE-2020-11896 [CRITICAL] CWE-20 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020
Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020
A set of previously unknown vulnerabilities on the Treck IP stack implementation were disclosed on June 16, 2020. The vulnerabilities are collectively known as Ripple20. Exploitation of these vulnerabilities could result in remote code execution, denial of service (DoS), or information disclosure, depending on the specific vulnerability.
This advisory will be updated as additional information becomes available.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC
Cisco
Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020
vendor_cisco
CVE-2020-11906 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020
CVE-2020-11906: Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020
A set of previously unknown vulnerabilities on the Treck IP stack implementation were disclosed on June 16, 2020. The vulnerabilities are collectively known as Ripple20. Exploitation of these vulnerabilities could result in remote code execution, denial of service (DoS), or information disclosure, depending on the specific vulnerability. This advisory will be updated as additional information becomes available. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC
CWE: CWE-20, CWE-20
Bug IDs: CSCvu68945, CSCvu68945, CSCvu68945, CSCvu68945
GHSA
GHSA-vm7q-gv9m-xqf3: The Treck TCP/IP stack before 6
ghsa_unreviewed·2022-05-24
CVE-2020-11906 [MEDIUM] GHSA-vm7q-gv9m-xqf3: The Treck TCP/IP stack before 6
The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow.
No detection rules found.
No public exploits indexed.
Qualys
Ripple20: Multiple Vulnerabilities Identified in Treck TCP/IP Stack | Qualys
blogs_qualys·2020-06-24·CVSS 10.0
[CRITICAL] Ripple20: Multiple Vulnerabilities Identified in Treck TCP/IP Stack | Qualys
#### Table of Contents
- Ripple20Vulnerabilities
- Detecting Treck IP Stack Vulnerabilities with Qualys VM
- Qualys Threat Protection
- Workaround
Multiple vulnerabilities that use a low-level TCP/IP software library developed by Treck, Inc. were identified recently in implementations of the Treck IP stack for embedded systems. These vulnerabilities were discovered by the JSOF research lab and have been named Ripple20.
## Ripple20Vulnerabilities
Ripple20 is a set of 19 vulnerabilities that affects hundreds of devices (or more) and include multiple remote code execution vulnerabilities.
Four of the Ripple20 vulnerabilities are critical (CVE-2020-11896, CVE-2020-11897, CVE-2020-11898, CVE-2020-11901 ), with CVSS scores over 9 and enable Remote Code Execution. One of the critical vulnera
Qualys
Ripple20: Multiple Vulnerabilities Identified in Treck TCP/IP Stack
blogs_qualys·2020-06-24·CVSS 10.0
[CRITICAL] Ripple20: Multiple Vulnerabilities Identified in Treck TCP/IP Stack
## Table of Contents
Ripple20Vulnerabilities
Detecting Treck IP Stack Vulnerabilities with Qualys VM
Qualys Threat Protection
Workaround
Multiple vulnerabilities that use a low-level TCP/IP software library developed by Treck, Inc. were identified recently in implementations of the Treck IP stack for embedded systems. These vulnerabilities were discovered by the JSOF research lab and have been named Ripple20 .
## Ripple20 Vulnerabilities
Ripple20 is a set of 19 vulnerabilities that affects hundreds of devices (or more) and include multiple remote code execution vulnerabilities.
Four of the Ripple20 vulnerabilities are critical (CVE-2020-11896, CVE-2020-11897, CVE-2020-11898, CVE-2020-11901 ), with CVSS scores over 9 and enable Remote Code Execution. One of the critical vulnerabilit
Tenable
CVE-2020-11896, CVE-2020-11897, CVE-2020-11901: Ripple20 Zero-Day Vulnerabilities in Treck TCP/IP Libraries Disclosed
blogs_tenable·2020-06-16·CVSS 10.0
[CRITICAL] CVE-2020-11896, CVE-2020-11897, CVE-2020-11901: Ripple20 Zero-Day Vulnerabilities in Treck TCP/IP Libraries Disclosed
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txthttps://jsof-tech.com/vulnerability-disclosure-policy/https://security.netapp.com/advisory/ntap-20200625-0006/https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04012en_ushttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyChttps://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilitieshttps://www.jsof-tech.com/ripple20/https://www.kb.cert.org/vuls/id/257161https://www.kb.cert.org/vuls/id/257161/https://www.treck.comhttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txthttps://jsof-tech.com/vulnerability-disclosure-policy/https://security.netapp.com/advisory/ntap-20200625-0006/https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04012en_ushttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyChttps://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilitieshttps://www.jsof-tech.com/ripple20/https://www.kb.cert.org/vuls/id/257161https://www.kb.cert.org/vuls/id/257161/https://www.treck.com
2020-06-17
Published