
Rewterz Threat Advisory – ICS: Treck TCP/IP Stack Multiple Vulnerabilities

August 26, 2020

Severity

High

Analysis Summary

Multiple vulnerabilities have been reported in the Treck TCP/IP stack by Treck Inc.

  • Improper input validation in ARP component when handling a packet sent by an unauthorized network attacker. This vulnerability may allow out-of-bounds Read. CVE-2020-11914
  • Improper input validation in IPv6 component when handling a packet sent by an unauthorized network attacker. This vulnerability may allow out-of-bounds Read. CVE-2020-11913
  • Improper input validation in TCP component when handling a packet sent by an unauthorized network attacker. This vulnerability may allow out-of-bounds Read. CVE-2020-11912
  • The affected product is vulnerable to improper access control, which may allow an attacker to change one specific configuration value. CVE-2020-11911
  • Improper input validation in ICMPv4 component when handling a packet sent by an unauthorized network attacker. This vulnerability may allow out-of-bounds Read. CVE-2020-11910
  • Improper input validation in IPv4 component when handling a packet sent by an unauthorized network attacker. CVE-2020-11909
  • Improper null termination in DHCP component when handling a packet sent by an unauthorized network attacker. This vulnerability may allow exposure of sensitive information. CVE-2020-11908
  • Improper handling of length parameter inconsistency in TCP component, from a packet sent by an unauthorized network attacker. CVE-2020-11907
  • Improper input validation (CWE-20) in Ethernet link layer component from a packet sent by an unauthorized user. CVE-2020-11906
  • Possible out-of-bounds read in DHCPv6 component when handling a packet sent by an unauthorized network attacker. This vulnerability may allow exposure of sensitive information. CVE-2020-11905
  • Possible integer overflow or wraparound in memory allocation component when handling a packet sent by an unauthorized network attacker may result in out-of-bounds write. CVE-2020-11904
  • Possible out-of-bounds read in DHCP component when handling a packet sent by an unauthorized network attacker. This vulnerability may allow exposure of sensitive information. CVE-2020-11903
  • Improper input validation in IPv6 over IPv4 tunneling component when handling a packet sent by an unauthorized network attacker. This vulnerability may allow out-of-bounds Read. CVE-2020-11902
  • Improper input validation in DNS resolver component when handling a packet sent by an unauthorized network attacker. This vulnerability may result in remote code execution. CVE-2020-11901
  • Possible double free in IPv4 tunneling component when handling a packet sent by a network attacker. This vulnerability may result in use after free. CVE-2020-11900
  • Improper input validation in IPv6 component when handling a packet sent by an unauthorized network attacker. This vulnerability may allow out-of-bounds Read and a possible Denial of Service. CVE-2020-11899
  • Improper handling of length parameter inconsistency in IPv4/ICMPv4 component when handling a packet sent by an unauthorized network attacker. This vulnerability may result in out-of-bounds Read. CVE-2020-11898
  • Improper handling of length parameter inconsistency in IPv6 component when handling a packet sent by an unauthorized network attacker. This vulnerability may result in possible out-of-bounds write. CVE-2020-11897
  • Improper handling of length parameter inconsistency in IPv4/UDP component when handling a packet sent by an unauthorized network attacker. This vulnerability may result in remote code execution. CVE-2020-11896
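
Several entries above describe "improper handling of length parameter inconsistency", where a length declared inside a packet disagrees with another declared length or with the bytes actually received. The following is an added illustration of the defensive check for that class of flaw in an IPv4/UDP receive path; it is not Treck's code and does not reproduce the specific defects behind these CVEs. The function names, the enum and the sample packet are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum len_check { LEN_OK, LEN_TRUNCATED, LEN_BAD_IHL, LEN_BAD_TOTAL, LEN_BAD_UDP };

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Validate an unfragmented IPv4/UDP datagram of which `cap` bytes were received.
 * Assumes the caller already matched protocol 17 (hypothetical receive path). */
enum len_check check_ipv4_udp(const uint8_t *pkt, size_t cap,
                              const uint8_t **payload, size_t *payload_len)
{
    if (cap < 20) return LEN_TRUNCATED;              /* minimum IPv4 header */
    size_t ihl = (size_t)(pkt[0] & 0x0F) * 4;        /* header length in bytes */
    if ((pkt[0] >> 4) != 4 || ihl < 20 || ihl > cap) return LEN_BAD_IHL;
    size_t total = be16(pkt + 2);                    /* declared IPv4 total length */
    if (total < ihl + 8 || total > cap) return LEN_BAD_TOTAL;
    size_t udp_len = be16(pkt + ihl + 4);            /* declared UDP length */
    if (udp_len < 8 || udp_len > total - ihl) return LEN_BAD_UDP;
    *payload = pkt + ihl + 8;                        /* span bounded by all checks */
    *payload_len = udp_len - 8;
    return LEN_OK;
}

/* Constructed sample: 20-byte IPv4 header, 8-byte UDP header, 4-byte payload. */
static const uint8_t SAMPLE[32] = {
    0x45, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x40, 0x11, 0x00, 0x00,
    0xC0, 0x00, 0x02, 0x01, 0xC0, 0x00, 0x02, 0x02,   /* 192.0.2.1 -> 192.0.2.2 */
    0x30, 0x39, 0x13, 0x88, 0x00, 0x0C, 0x00, 0x00,   /* UDP, declared length 12 */
    'a', 'b', 'c', 'd'
};

/* Overwrite both declared lengths in a copy of SAMPLE, then validate `cap` bytes. */
enum len_check check_sample(uint16_t ip_total, uint16_t udp_len, size_t cap)
{
    uint8_t pkt[sizeof SAMPLE];
    const uint8_t *p; size_t n;
    memcpy(pkt, SAMPLE, sizeof pkt);
    pkt[2] = (uint8_t)(ip_total >> 8);  pkt[3] = (uint8_t)ip_total;
    pkt[24] = (uint8_t)(udp_len >> 8);  pkt[25] = (uint8_t)udp_len;
    return check_ipv4_udp(pkt, cap > sizeof pkt ? sizeof pkt : cap, &p, &n);
}

int main(void)
{
    printf("consistent lengths: %d\n", check_sample(32, 12, 32));
    printf("UDP length 200 inside a 32-byte datagram: %d\n", check_sample(32, 200, 32));
    return 0;
}
```

Each declared length is accepted only after it has been compared with the enclosing length and with the number of bytes actually received, so the payload pointer and size can never describe memory outside the buffer.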

The Treck TCP/IP stack may be known by other names such as Kasago TCP/IP, ELMIC, Net+ OS, Quadnet, GHNET v2, Kwiknet, or AMX.

Impact

  • Remote code execution
  • Exposure of sensitive information

Affected Vendors

Treck Inc.

Affected Products

The Treck TCP/IP stack is affected, including the following components:

  • IPv4
  • IPv6
  • UDP
  • DNS
  • DHCP
  • TCP
  • ICMPv4
  • ARP

Remediation

Treck recommends that users apply the latest version of the affected products (Treck TCP/IP 6.0.1.67 or later versions). To obtain patches, email security@treck.com.
