CVE-2020-27630
Published Oct 10, 2023
·Updated
In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random.
Affected Software
14 affected components
Silabs Uc\/tcp-ip=3.6.0
Multiple Nut/Net, Version 5.1 and prior
Multiple CycloneTCP, Version 1.9.6 and prior
Multiple NDKTCPIP, Version 2.25 and prior
Multiple FNET, Version 4.6.3
Multiple uIP-Contiki-OS (end-of-life [EOL]), Version 3.0 and prior
Multiple uC/TCP-IP (EOL), Version 3.6.0 and prior
Multiple uIP-Contiki-NG, Version 4.5 and prior
Multiple uIP (EOL), Version 1.0 and prior
Multiple picoTCP-NG, Version 1.7.0 and prior
Multiple picoTCP (EOL), Version 1.7.0 and prior
Multiple MPLAB Net, Version 3.6.1 and prior
Multiple Nucleus NET, All versions prior to Version 5.2
Multiple Nucleus ReadyStart for ARM, MIPS, and PPC, All versions prior to Version 2012.12
Event History
Oct 10, 2023
CVE Published
via MITRE·12:00 AM
Data Sourced
via MITRE·12:00 AM
Description
Frequently Asked Questions
1
What is CVE-2020-27630?
CVE-2020-27630 is a vulnerability in Silicon Labs uC/TCP-IP 3.6.0 where TCP ISNs are improperly random.
2
What is the severity of CVE-2020-27630?
CVE-2020-27630 has a severity rating of 9.8 (critical).
3
How does CVE-2020-27630 affect Silicon Labs uC/TCP-IP?
CVE-2020-27630 affects Silicon Labs uC/TCP-IP 3.6.0 by improperly randomizing TCP ISNs.
4
What is the Common Weakness Enumeration (CWE) ID for CVE-2020-27630?
The CWE ID for CVE-2020-27630 is CWE-330.
5
How can I fix the vulnerability in Silicon Labs uC/TCP-IP 3.6.0 (CVE-2020-27630)?
To fix the vulnerability, it is recommended to update to a patched version of Silicon Labs uC/TCP-IP.