Ku jira xidhmo TCP/IP iska leh , looga faa'iidaysto dirida baakado si gaar ah loo nashqadeeyay. Nuglaanta waxaa loo qoondeeyay magac kood . Qaar ka mid ah dayacanka ayaa sidoo kale ka muuqda kaydka KASAGO TCP/IP ee Zuken Elmic (Nidaamka Elmic), kaas oo leh xididdo caadi ah oo leh Treck. Xirmada Treck-ka waxaa loo isticmaalaa warshado badan, caafimaad, isgaarsiin, qalab-ku-xidhan iyo aaladaha macaamiisha (laga bilaabo laambadaha smart ilaa madbacadaha iyo sahayda korantada ee aan kala go'in), iyo sidoo kale tamarta, gaadiidka, duulista, ganacsiga iyo qalabka wax soo saarka saliidda.
Bartilmaameedyada xusida mudan ee la adeegsanayo Treck's TCP/IP stack waxaa ka mid ah daabacayaasha shabakada HP iyo chips-yada Intel. Waxyaabaha kale, dhibaatooyinka ku jira xirmada Treck TCP/IP waxay noqdeen sababtii dhawaanahan In Intel AMT iyo ISM subsystems, oo ku shaqeeya soo dirida xirmo shabakad. Jiritaanka dayacanka waxaa xaqiijiyay soosaarayaasha Intel, HP, Hewlett Packard Enterprise, Baxter, Caterpillar, Digi, Rockwell Automation iyo Schneider Electric. Wax badan
, oo alaabtoodu adeegsato kaydka Treck's TCP/IP, wali kama aysan jawaabin dhibaatooyinka. 5 warshadood, oo ay ku jiraan AMD, ayaa sheegay in alaabtoodu aysan u nuglayn dhibaatooyinka.
Dhibaatooyinka ayaa laga helay hirgelinta IPV4, IPv6, UDP, DNS, DHCP, TCP, ICMPv4 iyo borotokoolka ARP, waxaana sababay habraaca khaldan ee cabbirrada cabbirka xogta (iyadoo la adeegsanayo goob cabbir iyadoon la hubin cabbirka xogta dhabta ah), khaladaadka gudaha hubinta macluumaadka gelinta, laban laablaynta xusuusta, akhrinta ka baxsan kaydka, tirada buuxdhaafka ah, xakamaynta gelitaanka khaldan, iyo dhibaatooyinka maaraynta xadhkaha xaddidan.
Labada dhibaato ee ugu khatarta badan (CVE-2020-11896, CVE-2020-11897), kuwaas oo loo qoondeeyey CVSS heerka 10, u ogolaanaya code in lagu fuliyo qalab iyadoo diraya si gaar ah u qaabaysan xidhmooyin IPV4/UDP ama IPV6 xidhmooyin. Dhibaatada ugu horreysa ee muhiimka ah waxay ka muuqataa aaladaha taageera tunnel-ka IPv4, iyo tan labaad ee noocyada la sii daayay ka hor 04.06.2009/6/9 oo leh taageerada IPV2020. Nuglaanta kale ee muhiimka ah (CVSS 11901) waxay ku jirtaa xallinta DNS (CVE-XNUMX-XNUMX) waxayna u oggolaanaysaa fulinta code adoo diraya codsi DNS si gaar ah loo farsameeyey (dhibaatada waxaa loo adeegsaday si loo muujiyo jabsiga Schneider Electric APC UPS waxayna ka muuqataa aaladaha leh Taageerada DNS).
Nuglaanta kale CVE-2020-11898, CVE-2020-11899, CVE-2020-11902, CVE-2020-11903, CVE-2020-11905 u oggolow waxa ku jira IPv4/ICMPv4, IPv6/ICMPv4Over DHCPv, ama DHCPv diraya meelaha xusuusta nidaamka xidhmooyin si gaar ah u qaabaysan. Dhibaatooyinka kale waxay keeni karaan diidmada adeegga ama daadinta xogta hadhaaga ah ee nidaamka kaydiyayaal.
Inta badan baylahda waxaa lagu hagaajiyay Treck 6.0.1.67 (CVE-2020-11897 waxay ku go'an tahay 5.0.1.35, CVE-2020-11900 gudaha 6.0.1.41, CVE-2020-11903 gudaha 6.0.1.28-2020 11908. 4.7.1.27). Maaddaama diyaarinta cusboonaysiinta firmware ee aaladaha gaarka ah ay dhici karto in dib loo dhigo ama aan macquul ahayn (xilliga Treck wuxuu jiray in ka badan 20 sano, aalado badan ayaa weli aan la dayactirin ama way adagtahay in la cusboonaysiiyo), maamulayaasha waxaa lagula talinayaa inay go'doomiyaan aaladaha dhibaatada leh oo ay dejiyaan nidaamyada kormeerka xirmooyinka, dab-damiska. ama router si ay caadi uga dhigaan ama u joojiyaan xirmooyinka kala jajaban, xannibaan tunnelka IP-ga (IPv6-in-IPv4 iyo IP-in-IP), xannibo "waddada ilaha", awood u siinaya kormeerka xulashooyinka khaldan ee xirmooyinka TCP, xannibi fariimaha kantaroolka ICMP ee aan la isticmaalin (Cusbooneysiinta MTU iyo Maaskarada Cinwaanka), dami IPV6 multicast oo u jihsii su'aalaha DNS server-ka DNS ee soo noqnoqda.
Source: opennet.ru