Published:2023/02/10  Last Updated:2023/05/17

JVNVU#99551468
Zuken Elmic KASAGO uses insufficient random values for TCP Initial Sequence Numbers

Overview

Zuken Elmic KASAGO uses insufficient random values for TCP initial sequence numbers.

Products Affected

The versions prior to Ver6.0.1.34 of the following products are affected.

  • KASAGO IPv6/v4 Dual
  • KASAGO IPv4
  • KASAGO IPv4 Light
  • KASAGO mobile IPv6

Description

Zuken Elmic KASAGO, TCP/IP protocol stack for embedded systems, uses its own random number generator function when generating TCP initial sequence numbers, which leads to use insufficient random values (CWE-330).

Impact

TCP initial sequence numbers may be derived; and ongoing TCP sessions may be hijacked or future TCP sessions may be spoofed.

Solution

Update The Software
Update to the latest version according to the information provided by the developer.
The developer states that this issue is fixed on Ver6.0.1.34.

Vendor Status

Vendor Status Last Update Vendor Notes
DENSO WAVE INCORPORATED Not Vulnerable 2023/02/27
DMG MORI Digital Co., LTD. Not Vulnerable 2023/02/10
FUJITSU LIMITED Not Vulnerable, investigating 2023/02/10
OMRON Corporation Vulnerability Information Provided 2023/02/10
Panasonic Holdings Corporation Vulnerable, investigating 2023/05/17 Panasonic Holdings Corporation website

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

CVSS v3 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Score: 5.9
Attack Vector(AV) Physical (P) Local (L) Adjacent (A) Network (N)
Attack Complexity(AC) High (H) Low (L)
Privileges Required(PR) High (H) Low (L) None (N)
User Interaction(UI) Required (R) None (N)
Scope(S) Unchanged (U) Changed (C)
Confidentiality Impact(C) None (N) Low (L) High (H)
Integrity Impact(I) None (N) Low (L) High (H)
Availability Impact(A) None (N) Low (L) High (H)

Credit

Zuken Elmic reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2022-43501
JVN iPedia

Update History

2023/02/15
DENSO WAVE INCORPORATED update status
2023/02/27
DENSO WAVE INCORPORATED update status
2023/05/17
Panasonic Holdings Corporation update status