CVE-2020-25926

Summary of CVE-2020-25926 (INFRA:HALT) in HCC Embedded/NicheStack: The DNS client in InterNiche NicheStack TCP/IP (pre-4.3) suffers from insufficient entropy in DNS transaction IDs, enabling remote DNS cache poisoning via specially crafted responses. The related ICS/National advisories enumerate ...

CVE-2020-25926

The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the DNS transaction id. The impact is: DNS cache poisoning remote. The component is: dnsquerytype. The attack vector is: a specific DNS response packet...

NicheStack embedded TCP/IP has vulnerabilities

Overview HCC Embedded's software called InterNiche stack NicheStack and NicheLite, which provides TCP/IP networking capability to embedded systems, is impacted by multiple vulnerabilities. The Forescout and JFrog researchers who discovered this set of vulnerabilities have identified these as...

HCC Embedded InterNiche Technologies NicheStack Input Validation Error Vulnerability

InterNiche Technologies NicheStack is a small footprint, RFC-compliant embedded stack that is portable to commercial or proprietary non-MMU operating systems. InterNiche Technologies NicheStack suffers from an input validation error vulnerability that stems from a boundary condition in the ICMP...

HCC Embedded InterNiche Technologies NicheStack Input Validation Error Vulnerability (CNVD-2021-58800)

InterNiche Technologies NicheStack is a small footprint, RFC-compliant embedded stack that is portable to commercial or proprietary non-MMU operating systems. InterNiche Technologies NicheStack suffers from an input validation error vulnerability that exists due to insufficient validation of...

Critical Flaws Affect Embedded TCP/IP Stack Widely Used in Industrial Control Devices

Cybersecurity researchers on Wednesday disclosed 14 vulnerabilities affecting a commonly-used TCP/IP stack used in millions of Operational Technology OT devices manufactured by no fewer than 200 vendors and deployed in manufacturing plants, power generation, water treatment, and critical...

HCC Embedded InterNiche 缓冲区错误漏洞

InterNiche Technologies NicheStack is a small footprint, RFC-compliant embedded stack that is portable to commercial or proprietary non-MMU operating systems. InterNiche Technologies NicheStack suffers from an input validation error vulnerability that stems from a boundary condition in the ICMP...

HCC Embedded InterNiche 输入验证错误漏洞

InterNiche Technologies NicheStack is a small footprint, RFC-compliant embedded stack that is portable to commercial or proprietary non-MMU operating systems. InterNiche Technologies NicheStack suffers from an input validation error vulnerability that exists due to insufficient validation of...

PT-2021-3861 · Hcc Embedded · Nichestack

Name of the Vulnerable Software and Affected Versions: HCC Embedded InterNiche NicheStack versions through 4.3 Description: The issue is related to errors in handling TFTP packet processing in the NicheLite and InterNiche TCP/IP stacks, specifically with null-termination of strings or arrays. Thi...

NicheStack TCP/IP Stack - HTTP Detection

Binary data nichestacktcpipstackhttpdetect.nbin...