CVE-2020-11909Integer Underflow (Wrap or Wraparound) in TCP IP

CWE-191Integer Underflow (Wrap or Wraparound)CWE-20Improper Input Validation4 documents4 sources
Severity
5.3MEDIUMNVD
EPSS
2.4%
top 14.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Treck TCP IP
Timeline
PublishedJun 17
Latest updateMay 24

Description

The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

NVDtreck/tcp_ip< 6.0.1.66

🔴Vulnerability Details

2
GHSA
GHSA-m99q-jrwg-59cj: The Treck TCP/IP stack before 62022-05-24
CVEList
CVE-2020-11909: The Treck TCP/IP stack before 62020-06-17

📋Vendor Advisories

1
Cisco
Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 20202020-06-17
CVE-2020-11909 — Integer Underflow (Wrap or Wraparound) | cvebase