CVE-2020-27213

Name of the Vulnerable Software and Affected Versions Ethernut Nut/OS version 5.1

Description An issue was discovered in the code that generates Initial Sequence Numbers (ISNs) for TCP connections, deriving the ISN from an insufficiently random source. This allows an attacker to determine the ISN of current and future TCP connections, potentially hijacking existing ones or spoofing future ones. The ISN generator adheres to RFC 793 but should follow at least the specifications outlined in RFC 6528 for proper ISN generation.

Recommendations For Ethernut Nut/OS version 5.1, consider implementing a more secure ISN generation mechanism that follows the specifications outlined in RFC 6528 to minimize the risk of exploitation. As a temporary workaround, restrict access to sensitive information and monitor for potential TCP connection hijacking or spoofing attempts until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.