An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. (Proper ISN generation should aim to follow at least the specifications outlined in RFC 6528.)
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf | Mitigation Third Party Advisory |
https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation Third Party Advisory |
https://www.hcc-embedded.com | Product |
https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-08-19T11:21:08
Updated: 2021-08-19T11:21:29
Reserved: 2020-12-24T00:00:00
Link: CVE-2020-35685
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-08-19T12:15:08.217
Modified: 2021-08-26T18:21:15.667
Link: CVE-2020-35685
JSON object: View
Redhat Information
No data.
CWE