CVE-2020-11897

CRITICAL

Treck TCP/IP < 5.0.1.35 - Out-of-Bounds Write via Malformed IPv6 Packets

Title source: llm
STIX 2.1

Description

The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets.

References (8)

Core 8
Core References
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://www.kb.cert.org/vuls/id/257161/
Product, Vendor Advisory x_refsource_misc
https://www.treck.com
Third Party Advisory x_refsource_misc
https://jsof-tech.com/vulnerability-disclosure-policy/
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
https://www.kb.cert.org/vuls/id/257161
Third Party Advisory x_refsource_misc
https://www.jsof-tech.com/ripple20/

Scores

CVSS v3 10.0
EPSS 0.0914
EPSS Percentile 94.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (1)
treck/tcp\/ip < 5.0.1.35
Published Jun 17, 2020
Tracked Since Feb 18, 2026