Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2020-35685
HistoryAug 19, 2021 - 11:21 a.m.

CVE-2020-35685

2021-08-1911:21:08
mitre
www.cve.org
7
cve-2020-35685
hcc nichestack
tcp connections
isn
rfc 6528
security vulnerability

AI Score

9.2

Confidence

High

EPSS

0.001

Percentile

46.1%

JSON

An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. (Proper ISN generation should aim to follow at least the specifications outlined in RFC 6528.)

Related

prion 1
cve 1
nvd 1
cnvd 1
cert 1
thn 1
ics 1
prion
prion
Code injection
2021-08-19 12:15:00
cve
cve
CVE-2020-35685
2021-08-19 12:15:08
nvd
nvd
CVE-2020-35685
2021-08-19 12:15:08
cnvd
cnvd
Unspecified Vulnerability in Siemens Interniche IP Stack Low Voltage Devices
2021-08-05 00:00:00
cert
cert
NicheStack embedded TCP/IP has vulnerabilities
2021-08-10 00:00:00
thn
thn
Critical Flaws Affect Embedded TCP/IP Stack Widely Used in Industrial Control Devices
2021-08-04 06:46:00
ics
ics
HCC Embedded InterNiche TCP/IP stack, NicheLite (Update B)
2021-12-16 12:00:00

AI Score

9.2

Confidence

High

EPSS

0.001

Percentile

46.1%

JSON
Related for CVELIST:CVE-2020-35685
prion1cve1nvd1cnvd1cert1thn1ics1