CVE-2020-35684
HIGHHCC Nichestack 3.0 - Out-of-Bounds Read and Write via TCP Checksum Computation
Title source: llmDescription
An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible).
References (4)
Core 4
Core References
Product x_refsource_misc
https://www.hcc-embedded.com
Mitigation, Third Party Advisory x_refsource_confirm
https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf
Mitigation, Third Party Advisory x_refsource_misc
https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
https://www.kb.cert.org/vuls/id/608209
Scores
CVSS v3
7.5
EPSS
0.0070
EPSS Percentile
72.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (3)
hcc-embedded/nichestack
3.0
siemens/sentron_3wa_com190_firmware
< 2.0.0
siemens/sentron_3wl_com35_firmware
< 1.2.0
Published
Aug 19, 2021
Tracked Since
Feb 18, 2026