Vulnerability Details CVE-2020-27635
In PicoTCP 1.7.0, TCP ISNs are improperly random.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.7%
CVSS Severity
CVSS v3 Score 9.1
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01
- https://www.forescout.com
- https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks/
- https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01
- https://www.forescout.com
- https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks/