// For flags

CVE-2020-28388

 

Severity Score

5.3
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus ReadyStart V3 (All versions < V2012.12), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). Initial Sequence Numbers (ISNs) for TCP connections are derived from an insufficiently random source. As a result, the ISN of current and future TCP connections could be predictable. An attacker could hijack existing sessions or spoof future ones.

Se ha identificado una vulnerabilidad en Capital VSTAR (Todas las versiones), Nucleus NET (Todas las versiones anteriores a V5.2), Nucleus ReadyStart V3 (Todas las versiones anteriores a V2012.12), Nucleus Source Code (Todas las versiones), PLUSCONTROL 1st Gen (Todas las versiones). Los números de secuencia iniciales (ISN) para las conexiones TCP se derivan de una fuente insuficientemente aleatoria. Como resultado, el ISN de las conexiones TCP actuales y futuras podría ser predecible. Un atacante podría secuestrar las sesiones existentes o falsificar las futuras

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
Low
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2020-11-10 CVE Reserved
  • 2021-02-09 CVE Published
  • 2023-10-26 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-342: Predictable Exact Value from Previous Values
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Siemens
Search vendor "Siemens"
Nucleus Readystart
Search vendor "Siemens" for product "Nucleus Readystart"
< 2012.12
Search vendor "Siemens" for product "Nucleus Readystart" and version " < 2012.12"
-
Affected
in Arm
Search vendor "Arm"
Arm
Search vendor "Arm" for product "Arm"
--
Safe
Siemens
Search vendor "Siemens"
Nucleus Readystart
Search vendor "Siemens" for product "Nucleus Readystart"
< 2012.12
Search vendor "Siemens" for product "Nucleus Readystart" and version " < 2012.12"
-
Affected
in Mips
Search vendor "Mips"
Mips
Search vendor "Mips" for product "Mips"
--
Safe
Siemens
Search vendor "Siemens"
Nucleus Readystart
Search vendor "Siemens" for product "Nucleus Readystart"
< 2012.12
Search vendor "Siemens" for product "Nucleus Readystart" and version " < 2012.12"
-
Affected
in Powerpc Project
Search vendor "Powerpc Project"
Powerpc
Search vendor "Powerpc Project" for product "Powerpc"
--
Safe
Siemens
Search vendor "Siemens"
Capital Vstar
Search vendor "Siemens" for product "Capital Vstar"
*-
Affected
Siemens
Search vendor "Siemens"
Nucleus Net
Search vendor "Siemens" for product "Nucleus Net"
< 5.2
Search vendor "Siemens" for product "Nucleus Net" and version " < 5.2"
-
Affected
Siemens
Search vendor "Siemens"
Nucleus Source Code
Search vendor "Siemens" for product "Nucleus Source Code"
*-
Affected
Siemens
Search vendor "Siemens"
Pluscontrol 1st Gen
Search vendor "Siemens" for product "Pluscontrol 1st Gen"
*-
Affected