CVE-2020-27634

Name of the Vulnerable Software and Affected Versions Contiki version 4.5

Description The issue is related to the improper randomness of TCP Initial Sequence Numbers (ISNs) in the Contiki OS uIP protocol stack implementation. This could allow a remote attacker to gain unauthorized access to protected information.

Recommendations For Contiki version 4.5, consider implementing additional randomness measures for TCP ISNs to mitigate the risk of exploitation. As a temporary workaround, restrict access to sensitive information until a proper fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.