QwikSec

Security Database

CVE

CWE

Training

CVE-2020-35683

Published: Aug 19, 2021

Modified: Aug 4, 2024

PUBLISHED

Description

An issue was discovered in HCC Nichestack 3.0. The code that parses ICMP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the ICMP checksum. When the IP payload size is set to be smaller than the size of the IP header, the ICMP checksum computation function may read out of bounds, causing a Denial-of-Service.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.hcc-embedded.com

x_refsource_MISC

https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf

x_refsource_CONFIRM

https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/

x_refsource_MISC

third-party-advisory

x_refsource_CERT-VN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.