CVE-2022-43501

CRITICAL

Zuken Elmic KASAGO - Info Disclosure

Title source: llm

Description

KASAGO TCP/IP stack provided by Zuken Elmic generates ISNs(Initial Sequence Number) for TCP connections from an insufficiently random source. An attacker may be able to determine the ISN of the current or future TCP connections and either hijack existing ones or spoof future ones.

References (2)

[Vendor Advisory] https://www.elwsc.co.jp/news/6352

[Third Party Advisory] https://jvn.jp/en/vu/JVNVU99551468/

Scores

CVSS v3 9.1

EPSS 0.0032

EPSS Percentile 55.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-330

Status published

Products (4)

elwsc/kasago_ipv4 < 6.0.1.34

elwsc/kasago_ipv4_light < 6.0.1.34

elwsc/kasago_ipv6\/v4_dual < 6.0.1.34

elwsc/kasago_mobile_ipv6 < 6.0.1.34

Published Feb 10, 2023

Tracked Since Feb 18, 2026