Vulnerability Details CVE-2020-27634
In Contiki 4.5, TCP ISNs are improperly random.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.8%
CVSS Severity
CVSS v3 Score 9.1
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01
- https://www.forescout.com
- https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks/
- https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01
- https://www.forescout.com
- https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks/
Products affected by CVE-2020-27634
-
cpe:2.3:o:contiki-ng:contiki-ng:4.5