Vulnerability-Lookup

URL	Tags
https://www.kb.cert.org/vuls/id/257161/	x_refsource_MISC
https://www.treck.com	x_refsource_MISC
https://jsof-tech.com/vulnerability-disclosure-policy/	x_refsource_MISC
https://www.kb.cert.org/vuls/id/257161	third-party-advisoryx_refsource_CERT-VN
https://www.jsof-tech.com/ripple20/	x_refsource_MISC
https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
https://www.dell.com/support/article/de-de/sln321…	x_refsource_MISC

CERTFR-2020-AVI-375

Vulnerability from certfr_avis - Published: - Updated:

Le 16 juin 2020, des chercheurs ont annoncé la découverte de dix-neuf vulnérabilités dans l'implémentation de la pile TCP/IP de Treck.

Ce composant est utilisé dans de nombreux systèmes embarqués et objets connectés, dont certains équipements médicaux et équipements de contrôle industriel. Les vulnérabilités les plus critiques permettent une exécution de code arbitraire à distance.

Lorsque des vulnérabilités sont découvertes dans un composant d'aussi bas niveau, il est très difficile de compiler une liste exhaustive de produits vulnérables. De plus, la simple présence de ce composant dans un produit n'implique pas forcément que celui-ci est vulnérable, parce que la vulnérabilité a déjà été corrigée ou encore parce que ce composant a été modifié et que la vulnérabilité n'est pas forcément atteignable.

Le CERT Carneggie Mellon ainsi que les chercheurs ont proposé sur leurs sites respectifs une liste de produits vulnérables et certains éditeurs ont déjà communiqué sur le statut de leurs produits (cf. section Documentation).

Parmi les dix-neuf vulnérabilités, les trois les plus critiques sont identifiées comme :

CVE-2020-11896 : des datagrammes UDP fragmentés sur plusieurs paquets IP peuvent permettre un exécution de code arbitraire à distance ou un déni de service à distance sur des équipements avec une fonction d'IP Tunneling activée ;
CVE-2020-11897 : des paquets IPv6 mal formés permettent une exécution de code arbitraire à distance [1] ;
CVE-2020-11901 : une réponse DNS mal formée permet une exécution de code arbitraire à distance.

Si ces vulnérabilités sont jugées critiques, leur impact est atténué par les conditions d’exploitabilité.

Il convient donc de vérifier dans un premier temps si les équipements en bordure de réseau sont dans une configuration vulnérable. Si c'est le cas, il faut alors appliquer les mises à jour si elles sont disponibles ou mettre en œuvre les mesures de contournement.

[mise à jour du 26 octobre 2020] Les avis de sécurité Schneider Electric SEVD-2020-174-01 et SEVD-2020-175-01 ont été mis à jour le 22 octobre 2020 suite à la découverte d'impacts supplémentaires sur les produits Schneider. Des correctifs sont en cours de développement, certains ont déjà été publiés et des mesures de contournement sont identifiées et listées dans les avis à jour.

[1] cette vulnérabilité a été corrigée dans la version 5.0.1.35, sans être accompagnée d'un avis de sécurité à l'époque de sa mise à disposition.

Solution

Se référer au bulletin de sécurité des éditeurs pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	versions de la pile TCP/IP de Treck antérieures à 6.0.1.66

References

Title

Publication Time

CERTFR-2020-AVI-375

Vulnerability from certfr_avis - Published: - Updated:

Le 16 juin 2020, des chercheurs ont annoncé la découverte de dix-neuf vulnérabilités dans l'implémentation de la pile TCP/IP de Treck.

Ce composant est utilisé dans de nombreux systèmes embarqués et objets connectés, dont certains équipements médicaux et équipements de contrôle industriel. Les vulnérabilités les plus critiques permettent une exécution de code arbitraire à distance.

Lorsque des vulnérabilités sont découvertes dans un composant d'aussi bas niveau, il est très difficile de compiler une liste exhaustive de produits vulnérables. De plus, la simple présence de ce composant dans un produit n'implique pas forcément que celui-ci est vulnérable, parce que la vulnérabilité a déjà été corrigée ou encore parce que ce composant a été modifié et que la vulnérabilité n'est pas forcément atteignable.

Le CERT Carneggie Mellon ainsi que les chercheurs ont proposé sur leurs sites respectifs une liste de produits vulnérables et certains éditeurs ont déjà communiqué sur le statut de leurs produits (cf. section Documentation).

Parmi les dix-neuf vulnérabilités, les trois les plus critiques sont identifiées comme :

CVE-2020-11896 : des datagrammes UDP fragmentés sur plusieurs paquets IP peuvent permettre un exécution de code arbitraire à distance ou un déni de service à distance sur des équipements avec une fonction d'IP Tunneling activée ;
CVE-2020-11897 : des paquets IPv6 mal formés permettent une exécution de code arbitraire à distance [1] ;
CVE-2020-11901 : une réponse DNS mal formée permet une exécution de code arbitraire à distance.

Si ces vulnérabilités sont jugées critiques, leur impact est atténué par les conditions d’exploitabilité.

Il convient donc de vérifier dans un premier temps si les équipements en bordure de réseau sont dans une configuration vulnérable. Si c'est le cas, il faut alors appliquer les mises à jour si elles sont disponibles ou mettre en œuvre les mesures de contournement.

[mise à jour du 26 octobre 2020] Les avis de sécurité Schneider Electric SEVD-2020-174-01 et SEVD-2020-175-01 ont été mis à jour le 22 octobre 2020 suite à la découverte d'impacts supplémentaires sur les produits Schneider. Des correctifs sont en cours de développement, certains ont déjà été publiés et des mesures de contournement sont identifiées et listées dans les avis à jour.

[1] cette vulnérabilité a été corrigée dans la version 5.0.1.35, sans être accompagnée d'un avis de sécurité à l'époque de sa mise à disposition.

Solution

Se référer au bulletin de sécurité des éditeurs pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	versions de la pile TCP/IP de Treck antérieures à 6.0.1.66

References

Title

Publication Time

BDU:2021-02071

Vulnerability from fstec - Published: 17.06.2020

Title

Уязвимость стека протоколов Treck TCP/IP, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю выполнить произвольный код

Description

Уязвимость стека протоколов Treck TCP/IP существует из-за недостаточной проверки входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код с помощью специально сформированного ответа DNS

Severity


                    
                      AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Vendor

Treck Inc., Cisco Systems Inc., HP Inc.

Software Name

Treck TCP/IP, ASR 5000, ASR 5500, Cisco Virtual Packet Core, HP Color Laser MFP 178/179, HP Color LaserJet Pro M154, HP Color LaserJet Pro M155, HP Color LaserJet Pro M252, HP Color LaserJet Pro M254, HP Color LaserJet Pro M255, HP Color LaserJet Pro M452, HP Coolor LaserJet Pro MFP M176, HP Coolor LaserJet Pro MFP M177, HP Color LaserJet Pro MFP M180, HP Color LaserJet Pro MFP M181, HP Color LaserJet Pro MFP M182, HP Color LaserJet Pro MFP M183, HP Color LaserJet Pro MFP M277, HP Color LaserJet Pro MFP M274, HP Color LaserJet Pro MFP M280, HP Color LaserJet Pro MFP M281, HP Color LaserJet Pro MFP M282, HP Color LaserJet Pro MFP M283, HP Color LaserJet Pro MFP M377, HP Color LaserJet Pro MFP M477, HP Laser MFP 133, HP Laser MFP 135, HP Laser MFP 137, HP LaserJet Pro MFP M125, HP LaserJet Pro MFP M126, HP LaserJet Pro MFP M127, HP LaserJet Pro MFP M128, HP LaserJet MFP M72625-M72630, HP LaserJet Multifunction Printer series M1130, HP LaserJet Multifunction Printer series M1200, HP LaserJet Pro 400 M401, HP LaserJet Pro 400 MFP M425, HP LaserJet Pro 500 color MFP M570, HP LaserJet Pro M102, HP LaserJet Pro M104, HP LaserJet Pro M106, HP LaserJet Pro M12w, HP LaserJet Pro M15, HP LaserJet Pro M16, HP LaserJet Pro M17, HP LaserJet Pro M201, HP LaserJet Pro M202, HP LaserJet Pro M206, HP LaserJet Pro M118, HP LaserJet Pro M225, HP LaserJet Pro M226, HP LaserJet Pro M402, HP LaserJet Pro M403, HP LaserJet Pro M435, HP LaserJet Pro M501, HP LaserJet Pro M521, HP LaserJet Pro M701, HP LaserJet Pro M706, HP LaserJet Pro MFP M130, HP LaserJet Pro MFP M132, HP LaserJet Pro MFP M134, HP LaserJet Pro MFP M26, HP LaserJet Pro MFP M29, HP LaserJet Pro MFP M31, HP LaserJet Pro MFP M427, HP LaserJet Pro P1102, HP LaserJet Pro P1106, HP LaserJet Pro P1108, HP LaserJet Ultra MFP M230, HP LaserJet Pro MFP M227, HP LaserJet Pro MFP M148, HP LaserJet Pro MFP M149, HP Neverstop Laser 1000, HP Neverstop Laser 1020, HP Neverstop Laser 1200a, HP Neverstop Laser 1005c, Samsung MultiXpress SL-K302NR/GOV, Samsung MultiXpress SL-K3250NR, Samsung MultiXpress SL-K3300NR, Samsung MultiXpress SL-X3220NR, Samsung MultiXpress SL-X3280NR, Samsung Printer proXpress SL-C3510ND, Samsung Printer proXpress SL-C3510ND/SLI, Samsung Printer proXpress SL-C4010N, Samsung Printer proXpress SL-C4010ND, Samsung Printer proXpress SL-C4010ND/GOV, Samsung ProXpress SL-C3060FR Color Laser Multifunction Printer, Samsung ProXpress SL-C3060ND Color Laser Multifunction Printer, Samsung proXpress SL series, Samsung proXpress SL-M4530ND, Samsung Xpress SL-M2835 Laser Printer, Samsung Xpress SL-M2885 Laser Multifunction Printer, HP Deskjet 2540 All-in-One/ HP Deskjet 2545 All-in-One, HP DeskJet 2600 All-in-One Printer, HP DeskJet 2700 All-in-One Printer, HP DeskJet Ink Advantage 2700 All-in-One series, HP DeskJet Plus 4100 All-in-One series, HP DeskJet Plus Ink Advantage 4100 All-in-One series, HP Deskjet 3520 e-All-in-One, HP DeskJet 3630 All-in-One Printer, HP DeskJet 3790 series, HP Deskjet 5520 e-All-in-One, HP DeskJet GT 5820 All-in-One Printer, HP DeskJet Ink Advantage 2600 All-in-One Printer, HP Deskjet Ink Advantage 3540 e-All-in-One Printer, HP DeskJet Ink Advantage 3630 All-in-One Printer, HP DeskJet Ink Advantage 3700 All-in-One Printer series, HP Deskjet Ink Advantage 3830 e-All-in-One Printer, HP Deskjet Ink Advantage 4530 All-in-One Printer, HP DeskJet Ink Advantage 4670 All-in-One Printer, HP DeskJet Ink Advantage 5570 All-in-One Printer, HP DeskJet Ink Advantage Ultra 4720 All-in-One Printer, HP ENVY 4500 e-All-in-One Printer, HP ENVY 4510 All-in-One Printer, HP Envy 4520 All-in-One Printer, HP ENVY 5530 e-All-in-One Printer, HP ENVY 5540 All-in-One Printer, HP ENVY 5640 e-All-in-One Printer, HP ENVY 5660 e-All-in-One Printer, HP ENVY 7640 e-All-in-One Printer series, HP Ink Tank Wireless 410, HP Officejet 200 Mobile Printer Series, HP Officejet 202 Mobile Printer Series, HP OfficeJet 250 Mobile Series, HP Officejet 3830 e-All-in-One Printer, HP Officejet 4630 e-All-in-One Printer, HP OfficeJet 4650 All-in-One Printer, HP Officejet 5740 e-All-in-One Printer series, HP OfficeJet 6950 All-in-One, HP OfficeJet 6960 All-in-One, HP OfficeJet Pro 6960 All-in-One, HP Officejet 7110 Wide Format ePrinter, HP Officejet 7510 Wide Format e-All-in-One, HP Officejet 7610 Wide Format e-All-in-One, HP Officejet Pro 6230 / 6220 ePrinter, HP OfficeJet Pro 6970 All-in-One Printer series, HP Officejet Pro 8630 e-All-in-One, HP OfficeJet Pro 8710 All-in-One Printer series, HP OfficeJet Pro 8720 All-in-One Printer series, HP OfficeJet Pro X451 Printer, HP OfficeJet Pro X551 Printer, HP OfficeJet Pro X476 Multifunction Printer, HP OfficeJet Pro X576 Multifunction Printer, HP Photosmart 6520 e-All-in-One, HP Smart Tank Wireless 450, HP DesignJet series

Software Version

до 6.0.1.66 (Treck TCP/IP), до 21.5.27 (ASR 5000), до 21.20.2 (ASR 5500), до 21.20.2 (Cisco Virtual Packet Core), до 3.82.01.08 (HP Color Laser MFP 178/179), до 20200612 (HP Color LaserJet Pro M154), до 20200603 (HP Color LaserJet Pro M155), до 20200623 (HP Color LaserJet Pro M252), до 20200612 (HP Color LaserJet Pro M254), до 20200603 (HP Color LaserJet Pro M255), до 20200612 (HP Color LaserJet Pro M452), до 20200531 (HP Coolor LaserJet Pro MFP M176), до 20200531 (HP Coolor LaserJet Pro MFP M177), до 20200612 (HP Color LaserJet Pro MFP M180), до 20200612 (HP Color LaserJet Pro MFP M181), до 20200603 (HP Color LaserJet Pro MFP M182), до 20200603 (HP Color LaserJet Pro MFP M183), до 20200623 (HP Color LaserJet Pro MFP M277), до 20200623 (HP Color LaserJet Pro MFP M274), до 20200612 (HP Color LaserJet Pro MFP M280), до 20200612 (HP Color LaserJet Pro MFP M281), до 20200603 (HP Color LaserJet Pro MFP M282), до 20200603 (HP Color LaserJet Pro MFP M283), до 20200612 (HP Color LaserJet Pro MFP M377), до 20200612 (HP Color LaserJet Pro MFP M477), до 3.82.01.11 (HP Laser MFP 133), до 3.82.01.11 (HP Laser MFP 135), до 3.82.01.11 (HP Laser MFP 137), до 20200531 (HP LaserJet Pro MFP M125), до 20200531 (HP LaserJet Pro MFP M126), до 20200531 (HP LaserJet Pro MFP M127), до 20200531 (HP LaserJet Pro MFP M128), до 3.82.11.04 (HP LaserJet MFP M72625-M72630), до 20200617 (HP LaserJet Multifunction Printer series M1130), до 20200617 (HP LaserJet Multifunction Printer series M1200), до 20200714 (HP LaserJet Pro 400 M401), до 20200714 (HP LaserJet Pro 400 MFP M425), до 20200625 (HP LaserJet Pro 500 color MFP M570), до 20200605 (HP LaserJet Pro M102), до 20200605 (HP LaserJet Pro M104), до 20200605 (HP LaserJet Pro M106), до 20200617 (HP LaserJet Pro M12w), до 20200609 (HP LaserJet Pro M15), до 20200609 (HP LaserJet Pro M16), до 20200609 (HP LaserJet Pro M17), до 20200619 (HP LaserJet Pro M201), до 20200619 (HP LaserJet Pro M202), до 20200605 (HP LaserJet Pro M206), до 20200605 (HP LaserJet Pro M118), до 20200619 (HP LaserJet Pro M225), до 20200619 (HP LaserJet Pro M226), до 20200612 (HP LaserJet Pro M402), до 20200612 (HP LaserJet Pro M403), до 20200707 (HP LaserJet Pro M435), до 20200612 (HP LaserJet Pro M501), до 20200625 (HP LaserJet Pro M521), до 20200707 (HP LaserJet Pro M701), до 20200707 (HP LaserJet Pro M706), до 20200605 (HP LaserJet Pro MFP M130), до 20200605 (HP LaserJet Pro MFP M132), до 20200605 (HP LaserJet Pro MFP M134), до 20200531 (HP LaserJet Pro MFP M26), до 20200609 (HP LaserJet Pro MFP M29), до 20200609 (HP LaserJet Pro MFP M31), до 20200612 (HP LaserJet Pro MFP M31), до 20200612 (HP LaserJet Pro MFP M427), до 20200617 (HP LaserJet Pro P1102), до 20200617 (HP LaserJet Pro P1106), до 20200617 (HP LaserJet Pro P1108), до 20200605 (HP LaserJet Ultra MFP M230), до 20200605 (HP LaserJet Pro MFP M227), до 20200605 (HP LaserJet Pro MFP M148), до 20200605 (HP LaserJet Pro MFP M149), до 20200609 (HP Neverstop Laser 1000), до 20200609 (HP Neverstop Laser 1020), до 20200609 (HP Neverstop Laser 1200a), до 20200609 (HP Neverstop Laser 1005c), до 3.00.11.04 (Samsung MultiXpress SL-K302NR/GOV), до 3.00.11.04 (Samsung MultiXpress SL-K3250NR), до 3.00.11.04 (Samsung MultiXpress SL-K3300NR), до 3.00.11.08 (Samsung MultiXpress SL-X3220NR), до 3.00.11.08 (Samsung MultiXpress SL-X3280NR), до 3.00.05.06 (Samsung Printer proXpress SL-C3510ND), до 3.00.05.06 (Samsung Printer proXpress SL-C3510ND/SLI), до 3.00.05.06 (Samsung Printer proXpress SL-C4010N), до 3.00.05.06 (Samsung Printer proXpress SL-C4010ND), до 3.00.05.06 (Samsung Printer proXpress SL-C4010ND/GOV), до 3.00.09.00 (Samsung Printer proXpress SL-C4010ND/GOV), до 3.00.11.00 (Samsung ProXpress SL-C3060FR Color Laser Multifunction Printer), до 3.00.11.00 (Samsung ProXpress SL-C3060ND Color Laser Multifunction Printer), до 4.00.02.20 (Samsung proXpress SL series), до 3.00.01.25 (Samsung proXpress SL-M4530ND), до 3.00.01.14 (Samsung Xpress SL-M2835 Laser Printer), до 3.00.01.18 (Samsung Xpress SL-M2885 Laser Multifunction Printer), до 2023B (HP Deskjet 2540 All-in-One/ HP Deskjet 2545 All-in-One), до 2021B (HP DeskJet 2600 All-in-One Printer), до 2021D (HP DeskJet 2700 All-in-One Printer), до 2021D (HP DeskJet Ink Advantage 2700 All-in-One series), до 2021D (HP DeskJet Plus 4100 All-in-One series), до 2021D (HP DeskJet Plus Ink Advantage 4100 All-in-One series), до 2023A (HP Deskjet 3520 e-All-in-One), до 2020C (HP DeskJet 3630 All-in-One Printer), до 2022A (HP DeskJet 3790 series), до 2023A (HP Deskjet 5520 e-All-in-One), до 2027B (HP DeskJet GT 5820 All-in-One Printer), до 2021B (HP DeskJet Ink Advantage 2600 All-in-One Printer), до 2025A (HP Deskjet Ink Advantage 3540 e-All-in-One Printer), до 2020C (HP DeskJet Ink Advantage 3630 All-in-One Printer), до 2020B (HP DeskJet Ink Advantage 3700 All-in-One Printer series), до 2021A (HP Deskjet Ink Advantage 3830 e-All-in-One Printer), до 2023B (HP Deskjet Ink Advantage 4530 All-in-One Printer), до 2022A (HP DeskJet Ink Advantage 4670 All-in-One Printer), до 2023A (HP DeskJet Ink Advantage 5570 All-in-One Printer), до 2020B (HP DeskJet Ink Advantage Ultra 4720 All-in-One Printer), до 2025A (HP ENVY 4500 e-All-in-One Printer), до 2023B (HP ENVY 4510 All-in-One Printer), до 2023B (HP Envy 4520 All-in-One Printer), до 2024A (HP ENVY 5530 e-All-in-One Printer), до 2023A (HP ENVY 5540 All-in-One Printer), до 2023A (HP ENVY 5640 e-All-in-One Printer), до 2023A (HP ENVY 5660 e-All-in-One Printer), до 2022A (HP ENVY 7640 e-All-in-One Printer series), до 2020A (HP Ink Tank Wireless 410), до 2020B (HP Officejet 200 Mobile Printer Series), до 2020B (HP Officejet 202 Mobile Printer Series), до 2020B (HP OfficeJet 250 Mobile Series), до 2021A (HP Officejet 3830 e-All-in-One Printer), до 2025A (HP Officejet 4630 e-All-in-One Printer), до 2022A (HP OfficeJet 4650 All-in-One Printer), до 2022A (HP Officejet 5740 e-All-in-One Printer series), до 2020B (HP OfficeJet 6950 All-in-One), до 2020C (HP OfficeJet 6960 All-in-One), до 2020C (HP OfficeJet Pro 6960 All-in-One), до 2020B (HP Officejet 7110 Wide Format ePrinter), до 2022A (HP Officejet 7510 Wide Format e-All-in-One), до 2022A (HP Officejet 7610 Wide Format e-All-in-One), до 2021A (HP Officejet Pro 6230 / 6220 ePrinter), до 2020C (HP OfficeJet Pro 6970 All-in-One Printer series), до 2022A (HP Officejet Pro 8630 e-All-in-One), до 2020A (HP OfficeJet Pro 8710 All-in-One Printer series), до 2020A (HP OfficeJet Pro 8720 All-in-One Printer series), до 2022A (HP OfficeJet Pro X451 Printer), до 2022A (HP OfficeJet Pro X551 Printer), до 2022A (HP OfficeJet Pro X476 Multifunction Printer), до 2022A (HP OfficeJet Pro X576 Multifunction Printer), до 2024A (HP Photosmart 6520 e-All-in-One), до 2020A (HP Smart Tank Wireless 450), до 2023A (HP DesignJet series)

Possible Mitigations

Использование рекомендаций: Для Treck TCP/IP: https://www.treck.com/ Для программных продуктов Cisco Systems Inc.: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC Для Hewlett-Packard Development Company L.P.: https://support.hp.com/us-en/document/c06640149

Reference

https://www.treck.com/ https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC https://support.hp.com/us-en/document/c06640149

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Treck Inc., Cisco Systems Inc., HP Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 6.0.1.66 (Treck TCP/IP), \u0434\u043e 21.5.27 (ASR 5000), \u0434\u043e 21.20.2 (ASR 5500), \u0434\u043e 21.20.2 (Cisco Virtual Packet Core), \u0434\u043e 3.82.01.08 (HP Color Laser MFP 178/179), \u0434\u043e 20200612 (HP Color LaserJet Pro M154), \u0434\u043e 20200603 (HP Color LaserJet Pro M155), \u0434\u043e 20200623 (HP Color LaserJet Pro M252), \u0434\u043e 20200612 (HP Color LaserJet Pro M254), \u0434\u043e 20200603 (HP Color LaserJet Pro M255), \u0434\u043e 20200612 (HP Color LaserJet Pro M452), \u0434\u043e 20200531 (HP Coolor LaserJet Pro MFP M176), \u0434\u043e 20200531 (HP Coolor LaserJet Pro MFP M177), \u0434\u043e 20200612 (HP Color LaserJet Pro MFP M180), \u0434\u043e 20200612 (HP Color LaserJet Pro MFP M181), \u0434\u043e 20200603 (HP Color LaserJet Pro MFP M182), \u0434\u043e 20200603 (HP Color LaserJet Pro MFP M183), \u0434\u043e 20200623 (HP Color LaserJet Pro MFP M277), \u0434\u043e 20200623 (HP Color LaserJet Pro MFP M274), \u0434\u043e 20200612 (HP Color LaserJet Pro MFP M280), \u0434\u043e 20200612 (HP Color LaserJet Pro MFP M281), \u0434\u043e 20200603 (HP Color LaserJet Pro MFP M282), \u0434\u043e 20200603 (HP Color LaserJet Pro MFP M283), \u0434\u043e 20200612 (HP Color LaserJet Pro MFP M377), \u0434\u043e 20200612 (HP Color LaserJet Pro MFP M477), \u0434\u043e 3.82.01.11 (HP Laser MFP 133), \u0434\u043e 3.82.01.11 (HP Laser MFP 135), \u0434\u043e 3.82.01.11 (HP Laser MFP 137), \u0434\u043e 20200531 (HP LaserJet Pro MFP M125), \u0434\u043e 20200531 (HP LaserJet Pro MFP M126), \u0434\u043e 20200531 (HP LaserJet Pro MFP M127), \u0434\u043e 20200531 (HP LaserJet Pro MFP M128), \u0434\u043e 3.82.11.04 (HP LaserJet MFP M72625-M72630), \u0434\u043e 20200617 (HP LaserJet Multifunction Printer series M1130), \u0434\u043e 20200617 (HP LaserJet Multifunction Printer series M1200), \u0434\u043e 20200714 (HP LaserJet Pro 400 M401), \u0434\u043e 20200714 (HP LaserJet Pro 400 MFP M425), \u0434\u043e 20200625 (HP LaserJet Pro 500 color MFP M570), \u0434\u043e 20200605 (HP LaserJet Pro M102), \u0434\u043e 20200605 (HP LaserJet Pro M104), \u0434\u043e 20200605 (HP LaserJet Pro M106), \u0434\u043e 20200617 (HP LaserJet Pro M12w), \u0434\u043e 20200609 (HP LaserJet Pro M15), \u0434\u043e 20200609 (HP LaserJet Pro M16), \u0434\u043e 20200609 (HP LaserJet Pro M17), \u0434\u043e 20200619 (HP LaserJet Pro M201), \u0434\u043e 20200619 (HP LaserJet Pro M202), \u0434\u043e 20200605 (HP LaserJet Pro M206), \u0434\u043e 20200605 (HP LaserJet Pro M118), \u0434\u043e 20200619 (HP LaserJet Pro M225), \u0434\u043e 20200619 (HP LaserJet Pro M226), \u0434\u043e 20200612 (HP LaserJet Pro M402), \u0434\u043e 20200612 (HP LaserJet Pro M403), \u0434\u043e 20200707 (HP LaserJet Pro M435), \u0434\u043e 20200612 (HP LaserJet Pro M501), \u0434\u043e 20200625 (HP LaserJet Pro M521), \u0434\u043e 20200707 (HP LaserJet Pro M701), \u0434\u043e 20200707 (HP LaserJet Pro M706), \u0434\u043e 20200605 (HP LaserJet Pro MFP M130), \u0434\u043e 20200605 (HP LaserJet Pro MFP M132), \u0434\u043e 20200605 (HP LaserJet Pro MFP M134), \u0434\u043e 20200531 (HP LaserJet Pro MFP M26), \u0434\u043e 20200609 (HP LaserJet Pro MFP M29), \u0434\u043e 20200609 (HP LaserJet Pro MFP M31), \u0434\u043e 20200612 (HP LaserJet Pro MFP M31), \u0434\u043e 20200612 (HP LaserJet Pro MFP M427), \u0434\u043e 20200617 (HP LaserJet Pro P1102), \u0434\u043e 20200617 (HP LaserJet Pro P1106), \u0434\u043e 20200617 (HP LaserJet Pro P1108), \u0434\u043e 20200605 (HP LaserJet Ultra MFP M230), \u0434\u043e 20200605 (HP LaserJet Pro MFP M227), \u0434\u043e 20200605 (HP LaserJet Pro MFP M148), \u0434\u043e 20200605 (HP LaserJet Pro MFP M149), \u0434\u043e 20200609 (HP Neverstop Laser 1000), \u0434\u043e 20200609 (HP Neverstop Laser 1020), \u0434\u043e 20200609 (HP Neverstop Laser 1200a), \u0434\u043e 20200609 (HP Neverstop Laser 1005c), \u0434\u043e 3.00.11.04 (Samsung MultiXpress SL-K302NR/GOV), \u0434\u043e 3.00.11.04 (Samsung MultiXpress SL-K3250NR), \u0434\u043e 3.00.11.04 (Samsung MultiXpress SL-K3300NR), \u0434\u043e 3.00.11.08 (Samsung MultiXpress SL-X3220NR), \u0434\u043e 3.00.11.08 (Samsung MultiXpress SL-X3280NR), \u0434\u043e 3.00.05.06 (Samsung Printer proXpress SL-C3510ND), \u0434\u043e 3.00.05.06 (Samsung Printer proXpress SL-C3510ND/SLI), \u0434\u043e 3.00.05.06 (Samsung Printer proXpress SL-C4010N), \u0434\u043e 3.00.05.06 (Samsung Printer proXpress SL-C4010ND), \u0434\u043e 3.00.05.06 (Samsung Printer proXpress SL-C4010ND/GOV), \u0434\u043e 3.00.09.00 (Samsung Printer proXpress SL-C4010ND/GOV), \u0434\u043e 3.00.11.00 (Samsung ProXpress SL-C3060FR Color Laser Multifunction Printer), \u0434\u043e 3.00.11.00 (Samsung ProXpress SL-C3060ND Color Laser Multifunction Printer), \u0434\u043e 4.00.02.20 (Samsung proXpress SL series), \u0434\u043e 3.00.01.25 (Samsung proXpress SL-M4530ND), \u0434\u043e 3.00.01.14 (Samsung Xpress SL-M2835 Laser Printer), \u0434\u043e 3.00.01.18 (Samsung Xpress SL-M2885 Laser Multifunction Printer), \u0434\u043e 2023B (HP Deskjet 2540 All-in-One/ HP Deskjet 2545 All-in-One), \u0434\u043e 2021B (HP DeskJet 2600 All-in-One Printer), \u0434\u043e 2021D (HP DeskJet 2700 All-in-One Printer), \u0434\u043e 2021D (HP DeskJet Ink Advantage 2700 All-in-One series), \u0434\u043e 2021D (HP DeskJet Plus 4100 All-in-One series), \u0434\u043e 2021D (HP DeskJet Plus Ink Advantage 4100 All-in-One series), \u0434\u043e 2023A (HP Deskjet 3520 e-All-in-One), \u0434\u043e 2020C (HP DeskJet 3630 All-in-One Printer), \u0434\u043e 2022A (HP DeskJet 3790 series), \u0434\u043e 2023A (HP Deskjet 5520 e-All-in-One), \u0434\u043e 2027B (HP DeskJet GT 5820 All-in-One Printer), \u0434\u043e 2021B (HP DeskJet Ink Advantage 2600 All-in-One Printer), \u0434\u043e 2025A (HP Deskjet Ink Advantage 3540 e-All-in-One Printer), \u0434\u043e 2020C (HP DeskJet Ink Advantage 3630 All-in-One Printer), \u0434\u043e 2020B (HP DeskJet Ink Advantage 3700 All-in-One Printer series), \u0434\u043e 2021A (HP Deskjet Ink Advantage 3830 e-All-in-One Printer), \u0434\u043e 2023B (HP Deskjet Ink Advantage 4530 All-in-One Printer), \u0434\u043e 2022A (HP DeskJet Ink Advantage 4670 All-in-One Printer), \u0434\u043e 2023A (HP DeskJet Ink Advantage 5570 All-in-One Printer), \u0434\u043e 2020B (HP DeskJet Ink Advantage Ultra 4720 All-in-One Printer), \u0434\u043e 2025A (HP ENVY 4500 e-All-in-One Printer), \u0434\u043e 2023B (HP ENVY 4510 All-in-One Printer), \u0434\u043e 2023B (HP Envy 4520 All-in-One Printer), \u0434\u043e 2024A (HP ENVY 5530 e-All-in-One Printer), \u0434\u043e 2023A (HP ENVY 5540 All-in-One Printer), \u0434\u043e 2023A (HP ENVY 5640 e-All-in-One Printer), \u0434\u043e 2023A (HP ENVY 5660 e-All-in-One Printer), \u0434\u043e 2022A (HP ENVY 7640 e-All-in-One Printer series), \u0434\u043e 2020A (HP Ink Tank Wireless 410), \u0434\u043e 2020B (HP Officejet 200 Mobile Printer Series), \u0434\u043e 2020B (HP Officejet 202 Mobile Printer Series), \u0434\u043e 2020B (HP OfficeJet 250 Mobile Series), \u0434\u043e 2021A (HP Officejet 3830 e-All-in-One Printer), \u0434\u043e 2025A (HP Officejet 4630 e-All-in-One Printer), \u0434\u043e 2022A (HP OfficeJet 4650 All-in-One Printer), \u0434\u043e 2022A (HP Officejet 5740 e-All-in-One Printer series), \u0434\u043e 2020B (HP OfficeJet 6950 All-in-One), \u0434\u043e 2020C (HP OfficeJet 6960 All-in-One), \u0434\u043e 2020C (HP OfficeJet Pro 6960 All-in-One), \u0434\u043e 2020B (HP Officejet 7110 Wide Format ePrinter), \u0434\u043e 2022A (HP Officejet 7510 Wide Format e-All-in-One), \u0434\u043e 2022A (HP Officejet 7610 Wide Format e-All-in-One), \u0434\u043e 2021A (HP Officejet Pro 6230 / 6220 ePrinter), \u0434\u043e 2020C (HP OfficeJet Pro 6970 All-in-One Printer series), \u0434\u043e 2022A (HP Officejet Pro 8630 e-All-in-One), \u0434\u043e 2020A (HP OfficeJet Pro 8710 All-in-One Printer series), \u0434\u043e 2020A (HP OfficeJet Pro 8720 All-in-One Printer series), \u0434\u043e 2022A (HP OfficeJet Pro X451 Printer), \u0434\u043e 2022A (HP OfficeJet Pro X551 Printer), \u0434\u043e 2022A (HP OfficeJet Pro X476 Multifunction Printer), \u0434\u043e 2022A (HP OfficeJet Pro X576 Multifunction Printer), \u0434\u043e 2024A (HP Photosmart 6520 e-All-in-One), \u0434\u043e 2020A (HP Smart Tank Wireless 450), \u0434\u043e 2023A (HP DesignJet series)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Treck TCP/IP:\nhttps://www.treck.com/\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Cisco Systems Inc.:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC\n\n\u0414\u043b\u044f Hewlett-Packard Development Company L.P.:\nhttps://support.hp.com/us-en/document/c06640149",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "17.06.2020",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "16.04.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "16.04.2021",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-02071",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2020-11901",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Treck TCP/IP, ASR 5000, ASR 5500, Cisco Virtual Packet Core, HP Color Laser MFP 178/179, HP Color LaserJet Pro M154, HP Color LaserJet Pro M155, HP Color LaserJet Pro M252, HP Color LaserJet Pro M254, HP Color LaserJet Pro M255, HP Color LaserJet Pro M452, HP Coolor LaserJet Pro MFP M176, HP Coolor LaserJet Pro MFP M177, HP Color LaserJet Pro MFP M180, HP Color LaserJet Pro MFP M181, HP Color LaserJet Pro MFP M182, HP Color LaserJet Pro MFP M183, HP Color LaserJet Pro MFP M277, HP Color LaserJet Pro MFP M274, HP Color LaserJet Pro MFP M280, HP Color LaserJet Pro MFP M281, HP Color LaserJet Pro MFP M282, HP Color LaserJet Pro MFP M283, HP Color LaserJet Pro MFP M377, HP Color LaserJet Pro MFP M477, HP Laser MFP 133, HP Laser MFP 135, HP Laser MFP 137, HP LaserJet Pro MFP M125, HP LaserJet Pro MFP M126, HP LaserJet Pro MFP M127, HP LaserJet Pro MFP M128, HP LaserJet MFP M72625-M72630, HP LaserJet Multifunction Printer series M1130, HP LaserJet Multifunction Printer series M1200, HP LaserJet Pro 400 M401, HP LaserJet Pro 400 MFP M425, HP LaserJet Pro 500 color MFP M570, HP LaserJet Pro M102, HP LaserJet Pro M104, HP LaserJet Pro M106, HP LaserJet Pro M12w, HP LaserJet Pro M15, HP LaserJet Pro M16, HP LaserJet Pro M17, HP LaserJet Pro M201, HP LaserJet Pro M202, HP LaserJet Pro M206, HP LaserJet Pro M118, HP LaserJet Pro M225, HP LaserJet Pro M226, HP LaserJet Pro M402, HP LaserJet Pro M403, HP LaserJet Pro M435, HP LaserJet Pro M501, HP LaserJet Pro M521, HP LaserJet Pro M701, HP LaserJet Pro M706, HP LaserJet Pro MFP M130, HP LaserJet Pro MFP M132, HP LaserJet Pro MFP M134, HP LaserJet Pro MFP M26, HP LaserJet Pro MFP M29, HP LaserJet Pro MFP M31, HP LaserJet Pro MFP M427, HP LaserJet Pro P1102, HP LaserJet Pro P1106, HP LaserJet Pro P1108, HP LaserJet Ultra MFP M230, HP LaserJet Pro MFP M227, HP LaserJet Pro MFP M148, HP LaserJet Pro MFP M149, HP Neverstop Laser 1000, HP Neverstop Laser 1020, HP Neverstop Laser 1200a, HP Neverstop Laser 1005c, Samsung MultiXpress SL-K302NR/GOV, Samsung MultiXpress SL-K3250NR, Samsung MultiXpress SL-K3300NR, Samsung MultiXpress SL-X3220NR, Samsung MultiXpress SL-X3280NR, Samsung Printer proXpress SL-C3510ND, Samsung Printer proXpress SL-C3510ND/SLI, Samsung Printer proXpress SL-C4010N, Samsung Printer proXpress SL-C4010ND, Samsung Printer proXpress SL-C4010ND/GOV, Samsung ProXpress SL-C3060FR Color Laser Multifunction Printer, Samsung ProXpress SL-C3060ND Color Laser Multifunction Printer, Samsung proXpress SL series, Samsung proXpress SL-M4530ND, Samsung Xpress SL-M2835 Laser Printer, Samsung Xpress SL-M2885 Laser Multifunction Printer, HP Deskjet 2540 All-in-One/ HP Deskjet 2545 All-in-One, HP DeskJet 2600 All-in-One Printer, HP DeskJet 2700 All-in-One Printer, HP DeskJet Ink Advantage 2700 All-in-One series, HP DeskJet Plus 4100 All-in-One series, HP DeskJet Plus Ink Advantage 4100 All-in-One series, HP Deskjet 3520 e-All-in-One, HP DeskJet 3630 All-in-One Printer, HP DeskJet 3790 series, HP Deskjet 5520 e-All-in-One, HP DeskJet GT 5820 All-in-One Printer, HP DeskJet Ink Advantage 2600 All-in-One Printer, HP Deskjet Ink Advantage 3540 e-All-in-One Printer, HP DeskJet Ink Advantage 3630 All-in-One Printer, HP DeskJet Ink Advantage 3700 All-in-One Printer series, HP Deskjet Ink Advantage 3830 e-All-in-One Printer, HP Deskjet Ink Advantage 4530 All-in-One Printer, HP DeskJet Ink Advantage 4670 All-in-One Printer, HP DeskJet Ink Advantage 5570 All-in-One Printer, HP DeskJet Ink Advantage Ultra 4720 All-in-One Printer, HP ENVY 4500 e-All-in-One Printer, HP ENVY 4510 All-in-One Printer, HP Envy 4520 All-in-One Printer, HP ENVY 5530 e-All-in-One Printer, HP ENVY 5540 All-in-One Printer, HP ENVY 5640 e-All-in-One Printer, HP ENVY 5660 e-All-in-One Printer, HP ENVY 7640 e-All-in-One Printer series, HP Ink Tank Wireless 410, HP Officejet 200 Mobile Printer Series, HP Officejet 202 Mobile Printer Series, HP OfficeJet 250 Mobile Series, HP Officejet 3830 e-All-in-One Printer, HP Officejet 4630 e-All-in-One Printer, HP OfficeJet 4650 All-in-One Printer, HP Officejet 5740 e-All-in-One Printer series, HP OfficeJet 6950 All-in-One, HP OfficeJet 6960 All-in-One, HP OfficeJet Pro 6960 All-in-One, HP Officejet 7110 Wide Format ePrinter, HP Officejet 7510 Wide Format e-All-in-One, HP Officejet 7610 Wide Format e-All-in-One, HP Officejet Pro 6230 / 6220 ePrinter, HP OfficeJet Pro 6970 All-in-One Printer series, HP Officejet Pro 8630 e-All-in-One, HP OfficeJet Pro 8710 All-in-One Printer series, HP OfficeJet Pro 8720 All-in-One Printer series, HP OfficeJet Pro X451 Printer, HP OfficeJet Pro X551 Printer, HP OfficeJet Pro X476 Multifunction Printer, HP OfficeJet Pro X576 Multifunction Printer, HP Photosmart 6520 e-All-in-One, HP Smart Tank Wireless 450, HP DesignJet series",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0442\u0435\u043a\u0430 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432 Treck TCP/IP, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0430\u044f \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0442\u0435\u043a\u0430 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432 Treck TCP/IP \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043e\u0442\u0432\u0435\u0442\u0430 DNS",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.treck.com/\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC\nhttps://support.hp.com/us-en/document/c06640149",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,6)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9)"
}

CISCO-SA-TRECK-IP-STACK-JYBQ5GYC

Vulnerability from csaf_cisco - Published: 2020-06-17 20:00 - Updated: 2020-08-21 16:40

Summary

Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020

Notes

Summary: A set of previously unknown vulnerabilities on the Treck IP stack implementation were disclosed on June 16, 2020. The vulnerabilities are collectively known as Ripple20. Exploitation of these vulnerabilities could result in remote code execution, denial of service (DoS), or information disclosure, depending on the specific vulnerability. This advisory will be updated as additional information becomes available. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC"]

Affected Products: Cisco investigated its product line to determine which products may be affected by these vulnerabilities. The Vulnerable Products ["#vp"] section of this advisory includes Cisco bug IDs for each affected product. The bugs are accessible through the Cisco Bug Search Tool ["https://bst.cloudapps.cisco.com/bugsearch/bug/BUGID"] and contain additional platform-specific information, including workarounds (if available) and fixed software releases. Any product or service not listed in the Vulnerable Products ["#vp"] section of this advisory is to be considered not vulnerable.

Vulnerable Products: The following table lists Cisco products that are affected by the vulnerabilities that are described in this advisory. If a future release date is indicated for software, the date provided represents an estimate based on all information known to Cisco as of the Last Updated date at the top of the advisory. Availability dates are subject to change based on a number of factors, including satisfactory testing results and delivery of other priority features and fixes. If no version or date is listed for an affected component (indicated by a blank field and/or an advisory designation of Interim), Cisco is continuing to evaluate the fix and will update the advisory as additional information becomes available. After the advisory is marked Final, customers should refer to the associated Cisco bug(s) for further details. Unless otherwise documented, all software releases prior to the first fixed release are to be considered affected by these vulnerabilities. Product Cisco Bug ID Fixed Release Availability Routing and Switching - Enterprise and Service Provider Cisco ASR 5000 CSCvu68945 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvu68945"] 21.5.27 (30 Jul 2020) Cisco ASR 5500 CSCvu68945 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvu68945"] 21.5.27 (30 Jul 2020) 21.8.x (14 Sep 2020) 21.9.x (8 Sep 2020) 21.10.x (2 Sep 2020) 21.11.15 (29 Jul 2020) 21.12.x (4 Sep 2020) 21.13.x (31 Aug 2020) 21.14.22 (30 Jul 2020) 21.15.45 (22 Jul 2020) 21.16.x (25 Aug 2020) 21.17.10 (20 Aug 2020) 21.18.8 (24 Aug 2020) 21.19.5 (19 Aug 2020) 21.20.2 (24 Jul 2020) Cisco Virtual Packet Core CSCvu68945 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvu68945"] 21.5.27 (30 Jul 2020) 21.8.x (14 Sep 2020) 21.9.x (8 Sep 2020) 21.10.x (2 Sep 2020) 21.11.15 (29 Jul 2020) 21.12.x (4 Sep 2020) 21.13.x (31 Aug 2020) 21.14.22 (30 Jul 2020) 21.15.45 (22 Jul 2020) 21.16.x (25 Aug 2020) 21.17.10 (20 Aug 2020) 21.18.8 (24 Aug 2020) 21.19.5 (19 Aug 2020) 21.20.2 (24 Jul 2020) Note: Exposure to the vulnerabilities may be configuration dependent. See the Cisco bug(s) for the most complete product-specific information. Cisco StarOS Software In the following table, the left column lists the Cisco StarOS Software features that are vulnerable. The right column indicates the basic configuration for the feature from the show running-config CLI command. If a device is configured for one of these features, it is vulnerable. Cisco StarOS Software Feature Vulnerable Configuration URL-based Re-addressing flow action url-readdress server [...] SIP ALG NAT Inspection firewall nat-alg sip [...] H323 ALG NAT Inspection firewall nat-alg h323 [...] Inline TCP Optimization (CUSP) tcp-acceleration [...] If a Cisco StarOS Software deployment uses a vulnerable configuration, as described above, it may be affected by the following vulnerabilities: CVE-2020-11896: Malformed IPv4 Tunneled Packets Processing Remote Code Execution Vulnerability CVE-2020-11898: Malformed IPv4 Packets Processing Out-of-Bounds Read Vulnerability CVE-2020-11899: Improper Input Validation in IPv6 Out-of-Bounds Read Vulnerability CVE-2020-11900: IPv4 Tunneling Component Double-Free Vulnerability CVE-2020-11907: Improper Packet Length Checks Integer Underflow Vulnerability CVE-2020-11909: Improper Input Validation in IPv4 Component CVE-2020-11912: Improper Input Validation in TCP Component CVE-2020-11913: Improper Input Validation in IPv6 Component Cisco has confirmed that Cisco StarOS Software is not affected by the following vulnerabilities: CVE-2020-11897: Malformed IPv6 Packets Processing Out-of-Bounds Read and Write Vulnerability CVE-2020-11901: DNS Response Processing Remote Code Execution Vulnerability CVE-2020-11902: Out-of-Bounds Read When Processing IPv6 over IPv4 Packets CVE-2020-11903: Out-of-Bounds Read Processing DHCP Response CVE-2020-11904: Integer Overflow in Memory Allocation CVE-2020-11905: DHCPv6 Out-of-Bounds Read Vulnerability CVE-2020-11906: Ethernet Link Layer Component Integer Underflow Vulnerability CVE-2020-11908: Improper Null Termination in DHCP Component CVE-2020-11910: Improper Input Validation in ICMPv4 Component CVE-2020-11911: Improper Access Control in ICMPv4 Component CVE-2020-11914: Improper Input Validation in ARP Component

Products Confirmed Not Vulnerable: Only products and services listed in the Vulnerable Products ["#vulnerable"] section of this advisory are known to be affected by these vulnerabilities.

Workarounds: There are no workarounds that address these vulnerabilities. A set of network based mitigations has been documented by the CERT Coordination Center and is available at the following address: https://github.com/CERTCC/PoC-Exploits/blob/master/vu-257161/recommendations.md ["https://github.com/CERTCC/PoC-Exploits/blob/master/vu-257161/recommendations.md"]

Fixed Software: For information about fixed software releases, consult the Cisco bugs identified in the Vulnerable Products ["#vp"] section of this advisory. When considering software upgrades ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page ["https://www.cisco.com/go/psirt"], to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.

Vulnerability Policy: To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.

Exploitation and Public Announcements: The Cisco Product Security Incident Response Team (PSIRT) is not aware of any malicious use of the vulnerabilities that are described in this advisory.

Source: These vulnerabilities were discovered and reported to CERT/CC by JSOF.

Legal Disclaimer: THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. CISCO EXPECTS TO UPDATE THIS DOCUMENT AS NEW INFORMATION BECOMES AVAILABLE. A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.

CVE-2020-11896