Lucene search

GoogleOSV:CVE-2020-27633

HistoryOct 10, 2023 - 5:15 p.m.

CVE-2020-27633

2023-10-1017:15:10

Google

osv.dev

fnet vulnerability

tcp isns

improper randomization

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

9.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.6%

JSON

In FNET 4.6.3, TCP ISNs are improperly random.

CPENameOperatorVersion
fneteq3.9.3
fneteq4.6.1
fneteq4.4.0
fneteq4.5.1
fneteq4.6.0
fneteq3.6.0
fneteq4.1.1
fneteq3.9.3updated
fneteq3.0.0
fneteq4.0.0

Name	Operator	Version
fnet	eq	3.9.3
fnet	eq	4.6.1
fnet	eq	4.4.0
fnet	eq	4.5.1
fnet	eq	4.6.0
fnet	eq	3.6.0
fnet	eq	4.1.1
fnet	eq	3.9.3updated
fnet	eq	3.0.0
fnet	eq	4.0.0

Rows per page:

1-10 of 361

References

www.cisa.gov/news-events/ics-advisories/icsa-21-042-01

www.forescout.com

www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks/

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

9.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.6%

JSON

Related for OSV:CVE-2020-27633