CyberSec.Space Logo
Back to CVE Browser

CVE-2020-11899

Known Exploited (CISA KEV)MEDIUM
5.4
CVSS Severity Score
EPSS Score65.2740%
EPSS Percentile98.80th
PublishedJun 17, 2020
Last ModifiedNov 7, 2025

Vulnerability Description

The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.

Affected Platforms (CPE)

πŸ“¦
Treck

Tcp\/ip

< 6.0.1.66
πŸ’»
Dell

Wyse 5050 All In One Firmware

All versions
πŸ’»
Dell

Wyse 7030 Firmware

All versions
πŸ’»
Dell

Wyse 5030 Firmware

All versions

References & Advisories

πŸ”— http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt
πŸ”— https://cwe.mitre.org/data/definitions/125.html
πŸ”— https://jsof-tech.com/vulnerability-disclosure-policy/
πŸ”— https://security.netapp.com/advisory/ntap-20200625-0006/
πŸ”— https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC
πŸ”— https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities
πŸ”— https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html
πŸ”— https://www.jsof-tech.com/ripple20/

Related Vulnerabilities

CVE-1999-066110.0

A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP...

CVE-2018-399110.0

An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40...

CVE-1999-060110.0

A network intrusion detection system (IDS) does not properly handle data within TCP handshake packets.

CVE-1999-083710.0

Denial of service in BIND by improperly closing TCP sessions via so_linger.