PT-2021-17134 · Oryx Embedded · Cyclonetcp
Published
2021-03-08
·
Updated
2021-04-14
·
CVE-2021-26788
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Oryx Embedded CycloneTCP versions 1.7.6 through 2.0.0
Description
The issue is caused by incorrect input validation, which may lead to a denial of service (DoS). An attacker with TCP connectivity to the target system can exploit this by sending a maliciously crafted TCP packet from an unauthenticated endpoint.
Recommendations
For versions 1.7.6 through 2.0.0, update to version 2.0.2 to resolve the issue.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cyclonetcp