Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2020-25928
HistoryAug 18, 2021 - 6:41 p.m.

CVE-2020-25928

2021-08-1818:41:00
mitre
www.cve.org
5
interniche nichestack
tcp/ip
buffer overflow
dns
execute arbitrary code
remote
response processing
attack vector
information leak
denial-of-service
remote code execution

AI Score

9.8

Confidence

High

EPSS

0.006

Percentile

78.5%

JSON

The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: DNS response processing functions: dns_upcall(), getoffset(), dnc_set_answer(). The attack vector is: a specific DNS response packet. The code does not check the “response data length” field of individual DNS answers, which may cause out-of-bounds read/write operations, leading to Information leak, Denial-or-Service, or Remote Code Execution, depending on the context.

Related

nvd 1
prion 1
cve 1
cnvd 1
ics 1
thn 1
cert 1
nvd
nvd
CVE-2020-25928
2021-08-18 19:15:07
prion
prion
Remote code execution
2021-08-18 19:15:00
cve
cve
CVE-2020-25928
2021-08-18 19:15:07
cnvd
cnvd
HCC Embedded InterNiche Buffer Overflow Vulnerability
2021-08-06 00:00:00
ics
ics
HCC Embedded InterNiche TCP/IP stack, NicheLite (Update B)
2021-12-16 12:00:00
thn
thn
Critical Flaws Affect Embedded TCP/IP Stack Widely Used in Industrial Control Devices
2021-08-04 06:46:00
cert
cert
NicheStack embedded TCP/IP has vulnerabilities
2021-08-10 00:00:00

AI Score

9.8

Confidence

High

EPSS

0.006

Percentile

78.5%

JSON
Related for CVELIST:CVE-2020-25928
nvd1prion1cve1cnvd1ics1thn1cert1