CVE-2020-27338

Name of the Vulnerable Software and Affected Versions Treck IPv6 versions prior to 6.0.1.68

Description The issue is related to improper input validation in the DHCPv6 client component, allowing an unauthenticated remote attacker to cause an Out of Bounds Read, and possibly a Denial of Service via adjacent network access. This can be exploited by a remote attacker to disrupt service.

Recommendations For versions prior to 6.0.1.68, update to version 6.0.1.68 or later to resolve the issue. As a temporary workaround, consider restricting access to the DHCPv6 client component to minimize the risk of exploitation.