contiki-ng
Security Risk Profile
62
/100
highSecurity Risk Score
Comprehensive risk assessment based on 55 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from September 7, 2018 to present
55
Total CVEs
50
Critical+High
0
Exploited
24
Unpatched
Threat Assessment
Avg CVSS
8.5
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
24
Critical/High
Risk Level
62/100
high
Severity Distribution
Critical
24High
26Medium
5Low
0Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
0Age Distribution
Common Weaknesses (CWE)
1
Buffer Overflow
17
2
Null Pointer Dereference
2
3
Incorrect Type Cast
1
4
Integer Overflow
1
5
Integer Underflow
1
Most Affected Products
1. Contiki-NG Contiki-NG41
2. ubuntu/open-iscsi9
3. Contiki-NG tinyDTLS6
4. Contiki-NG Contiki-ng.5
5. Multiple (open source) uIP-Contiki-OS (end-of-life [EOL]), Version 3.0 and prior4
Recent Vulnerabilities
See more →CVE-2024-41125
CVSS 8.4high
Out-of-bounds read in SNMP when decoding a string in Contiki-NG
11/27/2024🔧 No Patch
CVE-2024-41126
CVSS 8.4high
Out-of-bounds read when decoding SNMP messages in Contiki-NG
11/27/2024🔧 No Patch
CVE-2024-47181
CVSS 7.5high
Unaligned memory access in RPL option processing in Contiki-NG
11/27/2024🔧 No Patch
CVE-2023-50926
CVSS 7.5high
Unvalidated DIO prefix info length in RPL-Lite in Contiki-NG
2/14/2024
CVE-2023-50927
CVSS 8.6high
Insufficient boundary checks for DIO and DAO messages in RPL-Lite in Contiki-NG
2/14/2024🔧 No Patch
CVE-2023-48229
CVSS 7.6high
Out-of-bounds write in the radio driver for Contiki-NG nRF platforms
2/14/2024
CVE-2021-42143
CVSS 9.1critical
1/24/2024🔧 No Patch
CVE-2021-42144
CVSS 9.8critical
1/24/2024🔧 No Patch
CVE-2021-42147
CVSS 9.1critical
1/24/2024🔧 No Patch
CVE-2021-42145
CVSS 7.5high
1/24/2024🔧 No Patch
Monitor contiki-ng in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.