Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2020-17443

An issue was discovered in picoTCP 1.7.0. The code for creating an ICMPv6 echo replies doesn't check whether the ICMPv6 echo request packet's size is shorter than 8 bytes. If the size of the incoming ICMPv6 request packet is shorter than this, the operation that calculates the size of the ICMPv6 echo replies has an integer wrap around, leading to memory corruption and, eventually, Denial-of-Service in pico_icmp6_send_echoreply_not_frag in pico_icmp6.c.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.1%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
Products affected by CVE-2020-17443
  • Altran » Picotcp » Version: 1.0
    cpe:2.3:a:altran:picotcp:1.0
  • Altran » Picotcp » Version: 1.1
    cpe:2.3:a:altran:picotcp:1.1
  • Altran » Picotcp » Version: 1.2
    cpe:2.3:a:altran:picotcp:1.2
  • Altran » Picotcp » Version: 1.2.1
    cpe:2.3:a:altran:picotcp:1.2.1
  • Altran » Picotcp » Version: 1.2.2
    cpe:2.3:a:altran:picotcp:1.2.2
  • Altran » Picotcp » Version: 1.2.3
    cpe:2.3:a:altran:picotcp:1.2.3
  • Altran » Picotcp » Version: 1.2.4
    cpe:2.3:a:altran:picotcp:1.2.4
  • Altran » Picotcp » Version: 1.3.0
    cpe:2.3:a:altran:picotcp:1.3.0
  • Altran » Picotcp » Version: 1.4.0
    cpe:2.3:a:altran:picotcp:1.4.0
  • Altran » Picotcp » Version: 1.4.2
    cpe:2.3:a:altran:picotcp:1.4.2
  • Altran » Picotcp » Version: 1.5.0
    cpe:2.3:a:altran:picotcp:1.5.0
  • Altran » Picotcp » Version: 1.5.1
    cpe:2.3:a:altran:picotcp:1.5.1
  • Altran » Picotcp » Version: 1.6.0
    cpe:2.3:a:altran:picotcp:1.6.0
  • Altran » Picotcp » Version: 1.6.1
    cpe:2.3:a:altran:picotcp:1.6.1
  • Altran » Picotcp » Version: 1.6.2
    cpe:2.3:a:altran:picotcp:1.6.2
  • Altran » Picotcp » Version: 1.7.0
    cpe:2.3:a:altran:picotcp:1.7.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved