Back to CVE Browser

CVE-2020-11896

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1040%

EPSS Percentile32.98th

PublishedJun 17, 2020

Last ModifiedNov 21, 2024

Vulnerability Description

The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling.

Affected Platforms (CPE)

📦

Treck

Tcp\/ip

< 6.0.1.66

References & Advisories

🔗 http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt

🔗 https://cert-portal.siemens.com/productcert/pdf/ssa-631949.pdf

🔗 https://jsof-tech.com/vulnerability-disclosure-policy/

🔗 https://security.netapp.com/advisory/ntap-20200625-0006/

🔗 https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04012en_us

🔗 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC

🔗 https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities

🔗 https://www.jsof-tech.com/ripple20/

Related Vulnerabilities

CVE-1999-060110.0

A network intrusion detection system (IDS) does not properly handle data within TCP handshake packets.

CVE-2018-399110.0

An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40...

CVE-2018-291310.0

Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Monitoring Manager). Supported versions that ...

CVE-1999-066110.0

A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP...