The Treck TCP/IP stack prior to 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
treck tcp\\/ip |
Plus: US govt sounds the alarm on industrial equipment attacks
In Brief Cisco this week emitted fixes for potentially serious vulnerabilities, one of which is already being exploited in the wild. The under-attack bug is CVE-2020-3452, a path-traversal flaw in Switchzilla's Adaptive Security Appliance and Firepower Threat Defense software that can be used to "read sensitive files on a targeted system." While there was no publicly available exploit code for the high-severity bug when first publicized, a day after issuing its advisory, Cisco said the flaw was ...