Embedded System Vulnerabilities
A focused list of vulnerabilities relevant to embedded and IoT devices.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2020-11900 | The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free. | High (8.2) | 2020-06-17 | Environment Specific |
| CVE-2020-11899 | The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. | Medium (5.4) | 2020-06-17 | Environment Specific |
| CVE-2020-11897 | The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets. | Critical (10.0) | 2020-06-17 | Environment Specific |
| CVE-2020-11896 | The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling. | Critical (10.0) | 2020-06-17 | Environment Specific |
| CVE-2020-9289 | Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in FortiManager 6.2.3 and below, Fo… | High (7.5) | 2020-06-16 | Environment Specific |