CVE-2020-11914
Description
The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An out-of-bounds read vulnerability in the ARP component of the Treck TCP/IP stack (before 6.0.1.66) could allow a remote attacker to disclose sensitive memory contents.
Vulnerability
The Treck TCP/IP stack versions before 6.0.1.66 contain an out-of-bounds read vulnerability in the Address Resolution Protocol (ARP) component, identified as CVE-2020-11914. The bug belongs to a group of 19 vulnerabilities collectively known as Ripple20 [1]. It resides in the ARP packet parsing logic and is triggered by processing specially crafted ARP packets. Affected are all Treck IP stack versions prior to the fixed release 6.0.1.66, which is part of the 6.0.1.67 stable release [1][4].
Exploitation
An attacker can exploit this vulnerability by sending a malformed or specifically crafted ARP packet to a target device running an affected Treck IP stack version. The attacker requires network access to the target; no prior authentication or user interaction is needed [1][2]. The out-of-bounds read occurs during the parsing of the ARP packet, allowing the attacker to read beyond the intended buffer boundaries.
Impact
Successful exploitation allows an unauthenticated, remote attacker to read out-of-bounds memory adjacent to the ARP buffer [1][2]. This could lead to the disclosure of sensitive information stored in the device's memory, including cryptographic keys or other confidential data. The impact may vary due to different build and runtime options in embedded systems [1][2]. In a broader context, the Ripple20 vulnerabilities overall can lead to denial of service or arbitrary code execution, but for this specific CVE the immediate impact is information disclosure [1].
Mitigation
The fix is included in Treck TCP/IP stack version 6.0.1.67 (and later) [1]. Vendors have been advised to update their embedded systems to the stable version. Dell released patches for affected client platforms (via Intel component fix) and for remote workstation cards [3]. Cisco published security advisories and identified vulnerable products, with fixes available for many platforms [4]. As a workaround, deep packet inspection and blocking anomalous ARP traffic may reduce the attack surface [1]. End-users should contact their device vendor for firmware updates.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Treck/TCP/IP stackdescription
- Range: <6.0.1.66
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyCmitrevendor-advisoryx_refsource_CISCO
- www.kb.cert.org/vuls/id/257161mitrethird-party-advisoryx_refsource_CERT-VN
- www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txtmitrex_refsource_CONFIRM
- jsof-tech.com/vulnerability-disclosure-policy/mitrex_refsource_MISC
- security.netapp.com/advisory/ntap-20200625-0006/mitrex_refsource_CONFIRM
- support.hpe.com/hpesc/public/docDisplaymitrex_refsource_MISC
- www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilitiesmitrex_refsource_MISC
- www.jsof-tech.com/ripple20/mitrex_refsource_MISC
- www.kb.cert.org/vuls/id/257161/mitrex_refsource_MISC
- www.treck.commitrex_refsource_MISC
News mentions
0No linked articles in our index yet.