search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Dnsmasq is vulnerable to memory corruption and cache poisoning

Vulnerability Note VU#434904

Original Release Date: 2021-01-19 | Last Revised: 2021-10-06

Overview

Dnsmasq is vulnerable to a set of memory corruption issues handling DNSSEC data and a second set of issues validating DNS responses. These vulnerabilities could allow an attacker to corrupt memory on a vulnerable system and perform cache poisoning attacks against a vulnerable environment.

These vulnerabilities are also tracked as ICS-VU-668462 and referred to as DNSpooq.

Description

Dnsmasq is widely used open-source software that provides DNS forwarding and caching (and also a DHCP server). Dnsmasq is common in Internet-of-Things (IoT) and other embedded devices.

JSOF reported multiple memory corruption vulnerabilities in dnsmasq due to boundary checking errors in DNSSEC handling code.

  • CVE-2020-25681: A heap-based buffer overflow in dnsmasq in the way it sorts RRSets before validating them with DNSSEC data in an unsolicited DNS response
  • CVE-2020-25682: A buffer overflow vulnerability in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data
  • CVE-2020-25683: A heap-based buffer overflow in get_rdata subroutine of dnsmasq, when DNSSEC is enabled and before it validates the received DNS entries
  • CVE-2020-25687: A heap-based buffer overflow in sort_rrset subroutine of dnsmasq, when DNSSEC is enabled and before it validates the received DNS entries

JSOF also reported vulnerabilities in DNS response validation that can result in DNS cache poisoning.

  • CVE-2020-25684: Dnsmasq does not validate the combination of address/port and the query-id fields of DNS request when accepting DNS responses
  • CVE-2020-25685: Dnsmasq uses a weak hashing algorithm (CRC32) when compiled without DNSSEC to validate DNS responses
  • CVE-2020-25686: Dnsmasq does not check for an existing pending request for the same name and forwards a new request thus allowing an attacker to perform a "Birthday Attack" scenario to forge replies and potentially poison the DNS cache

Note: These cache poisoning scenarios and defenses are discussed in IETF RFC5452.

Impact

The memory corruption vulnerabilities can be triggered by a remote attacker using crafted DNS responses that can lead to denial of service, information exposure, and potentially remote code execution. The DNS response validation vulnerabilities allow an attacker to use unsolicited DNS responses to poison the DNS cache and redirect users to arbitrary sites.

Solution

Apply updates

These vulnerabilities are addressed in dnsmasq 2.83. Users of IoT and embedded devices that use dnsmasq should contact their vendors.

Follow security best-practices

Consider the following security best-practices to protect DNS infrastructure:

  • Protect your DNS clients using stateful-inspection firewall that provide DNS security (e.g., stateful firewalls and NAT devices can block unsolicited DNS responses, DNS application layer inspection can prevent forwarding of anomalous DNS packets).
  • Provide secure DNS recursion service with features such as DNSSEC validation and the interim 0x20-bit encoding as part of enterprise DNS services where applicable.
  • Prevent exposure of IoT devices and lightweight devices directly over the Internet to minimize abuse of DNS.
  • Implement a Secure By Default configuration suitable for your operating environment (e.g., disable caching on embedded IoT devices when an upstream caching resolver is available).

Acknowledgements

Moshe Kol and Shlomi Oberman of JSOF researched and reported these vulnerabilities. Simon Kelley (author of dnsmasq) worked closely with collaborative vendors (Cisco, Google, Pi-Hole, Redhat) to develop patches to address these security vulnerabilities. GitHub also supported these collaboration efforts providing support to use their GitHub Security Advisory platform for collaboration.

This document was written by Vijay Sarvepalli.

Vendor Information

434904
 

Arista Networks Inc. Affected

Notified:  2020-09-23 Updated: 2021-01-19

Statement Date:   January 04, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Affected
CVE-2020-25685 Affected
CVE-2020-25686 Affected
CVE-2020-25687 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Check Point Affected

Notified:  2020-09-24 Updated: 2021-02-08

Statement Date:   February 08, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Affected
CVE-2020-25685 Affected
CVE-2020-25686 Affected
CVE-2020-25687 Not Affected

Vendor Statement

Check Point Gaia is not vulnerable.

Check Point SMB is vulnerable to CVE-2020-25686, CVE-2020-25684, CVE-2020-25685 on internal (LAN, Wi-Fi) networks. And updated firware is available at https://supportcenter.checkpoint.com/

Cisco Affected

Notified:  2020-09-24 Updated: 2021-01-19

Statement Date:   January 02, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Affected
CVE-2020-25685 Affected
CVE-2020-25686 Affected
CVE-2020-25687 Not Affected

Vendor Statement

We have not received a statement from the vendor.

References

Cradlepoint Affected

Notified:  2020-09-24 Updated: 2021-01-19

Statement Date:   January 19, 2021

CVE-2020-25681 Affected
CVE-2020-25682 Affected
CVE-2020-25683 Affected
CVE-2020-25684 Affected
CVE-2020-25685 Affected
CVE-2020-25686 Affected
CVE-2020-25687 Affected

Vendor Statement

Cradlepoint devices running NetCloud OS (NCOS) use dnsmasq for domain resolution, domain caching and DHCP services on the local LAN. DNS is a configurable service within NCOS therefore possible configuration states and potential impacts are listed.

Affected Components: NCOS versions up to 7.21.20

Recommendations:
Promptly test and upgrade to the latest NCOS version upon release
Disable (do not enable) DNSSEC until patched
Authenticate clients to the LAN using 802.1X
Do not configure firewall to expose DNS services (UDP port 53) on WAN interfaces

Default Configuration: DNSSEC disabled

Cradlepoint Severity: Low/Medium (dependent upon environment)
Potentially Impacted: Local LAN users, clients and services
Potential attack path: Local LAN
Associated CVEs: CVE-2020-25684, CVE-2020-25685, CVE-2020-25686

Modified Configuration: DNSSEC enabled

Cradlepoint Severity: Medium/High (dependent upon environment)
Potentially Impacted: Device and sub-services; Local LAN users, clients and services
Potential attack path: Local LAN
Associated CVEs: CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687

Modified Configuration: DNS services exposed on WAN

Cradlepoint Severity: Critical (dependent upon environment)
Potentially Impacted: See above
Potential attack paths: WAN interfaces; Local LAN
Associated CVEs: See above

References

dd-wrt Affected

Notified:  2020-09-24 Updated: 2021-01-19

Statement Date:   January 11, 2021

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Affected
CVE-2020-25685 Affected
CVE-2020-25686 Affected
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Digi International Affected

Notified:  2020-09-24 Updated: 2021-07-20

Statement Date:   July 20, 2021

CVE-2020-25681 Affected
CVE-2020-25682 Affected
CVE-2020-25683 Affected
CVE-2020-25684 Affected
CVE-2020-25685 Affected
CVE-2020-25686 Affected
CVE-2020-25687 Affected

Vendor Statement

Digi International has patched this in firmware versions 21.2.X.X on all of our DAL based products, which includes: Digi AnywhereUSB Plus 2 Digi AnywhereUSB Plus 8 Digi AnywhereUSB Plus 8 WiFi Digi AnywhereUSB Plus 24 Digi AnywhereUSB Plus 24 WiFi Digi Connect EZ1 (mini) Digi Connect EZ2 Digi Connect EZ4 Digi ConnectIT4 Digi ConnectIT16 Digi ConnectIT48 Digi ConnectIT-Mini Digi EX15 Digi EX15-PR Digi EX15W Digi EX15W-PR Digi EX12 Digi EX12-PR Digi IX10 Digi IX14 Digi IX15 Digi IX20

Digi IX20-PR Digi IX20W Digi IX20W-PR Digi LR54 Digi LR54W Digi TX54-Dual-Cellular Digi TX54-Dual-Cellular-PR Digi TX54-Dual-Wi-Fi Digi TX54-Single-Cellular Digi TX54-Single-Cellular-PR Digi TX64 Digi TX64-PR Digi TX64-Rail-Single-Cellular-PR Digi VirtualDAL Digi VirtualDAL-PR AcceleratedConcepts 6350-SR AcceleratedConcepts 6355-SR AcceleratedConcepts 6330-MX AcceleratedConcepts 6335-MX AcceleratedConcepts 6310-DX AcceleratedConcepts 5400-RM AcceleratedConcepts 5401-RM AcceleratedConcepts 6300-CX

References

Fujitsu Affected

Notified:  2020-12-15 Updated: 2021-06-02

Statement Date:   May 31, 2021

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Affected
CVE-2020-25685 Unknown
CVE-2020-25686 Affected
CVE-2020-25687 Unknown

Vendor Statement

Fujitsu is aware of the security vulnerabilities in software dnsmasq, also known as "DNSpooq".

Affected products are Fujitsu INTELLIEDGE, Fujitsu ServerView Services for ISM, Fujitsu SOA SysRollout Service, Fujitsu SOA Profile Management Service, Fujitsu ISM (Core) and Fujitsu FlexFrame Orchestrator (SAP). Updates are pending or already available.

The Fujitsu PSIRT has updated the state for Fujitsu PSIRT-IS-2021-011900 on https://security.ts.fujitsu.com (Security Notices) accordingly.

In case of questions regarding this Fujitsu PSIRT Security Notice, please contact the Fujitsu PSIRT (Fujitsu-PSIRT@ts.fujitsu.com).

Juniper Networks Affected

Notified:  2020-09-25 Updated: 2021-02-08

Statement Date:   February 04, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Affected
CVE-2020-25685 Affected
CVE-2020-25686 Affected
CVE-2020-25687 Not Affected

Vendor Statement

The Juniper SIRT has investigated the impact of these vulnerabilities on Juniper products. Juniper Networks Junos OS, Space, and Contrail products are unaffected by these vulnerabilities.

Juniper Mist Access Points (APs) ship with Dnsmasq and are only affected by the vulnerabilities via DNS (CVE-2020-25684, CVE-2020-25685, CVE-2020-25686) 4.0/CVSS:3.1.

The Wi-Fi mPIM (Mini-PIM) card for SRX branch devices ship with Dnsmasq enabled by default and is reachable from the network. Only vulnerabilities (CVE-2020-25684, CVE-2020-25685, CVE-2020-25686): 4.0/CVSS:3.1 via DNS affect this card.

Code fixes are underway for Mist and the Mini-PIM card and customers should upgrade when those fixes are available.

Security Incident Response Team Juniper Networks

NETGEAR Affected

Notified:  2020-09-28 Updated: 2021-01-19

Statement Date:   January 14, 2021

CVE-2020-25681 Affected
CVE-2020-25682 Affected
CVE-2020-25683 Affected
CVE-2020-25684 Affected
CVE-2020-25685 Affected
CVE-2020-25686 Affected
CVE-2020-25687 Affected

Vendor Statement

Netgear has released fixes for multiple Dnsmasq security vulnerabilities on the following product affected models: RAX40 running firmware versions prior to v1.0.3.88 RAX35 running firmware versions prior to v1.0.3.88

NETGEAR strongly recommends that you download the latest firmware as soon as possible.

You and follow the steps mentioned in the security advisory to upgrade it to the latest version. https://kb.netgear.com/000062628/Security-Advisory-for-Multiple-Dnsmasq-Vulnerabilities-on-Some-Routers-PSV-2020-0463

Thanks, Rachit Dogra

References

OpenWRT Affected

Notified:  2020-09-28 Updated: 2021-01-19

Statement Date:   January 19, 2021

CVE-2020-25681 Affected
Vendor Statement:
Only package dnsmasq-full, which is not installed by default, is affected.
CVE-2020-25682 Affected
Vendor Statement:
Only package dnsmasq-full, which is not installed by default, is affected.
CVE-2020-25683 Affected
Vendor Statement:
Only package dnsmasq-full, which is not installed by default, is affected.
CVE-2020-25684 Affected
CVE-2020-25685 Affected
Vendor Statement:
Only package dnsmasq-full, which is not installed by default, is affected.
CVE-2020-25686 Affected
CVE-2020-25687 Affected
Vendor Statement:
Only package dnsmasq-full, which is not installed by default, is affected.

Vendor Statement

OpenWrt shipps the following variants: * dnsmasq * dnsmasq-dhcpv6 * dnsmasq-full

Only dnsmasq-full has support for DNSSEC and only this variant is affected by the problems in the DNSSEC code as far as we understand them. The other problems affect all variants. The default installation contains the dnsmasq package only, but the user can install the other variants.

References

Pi-Hole Affected

Notified:  2020-10-12 Updated: 2021-01-19

Statement Date:   January 11, 2021

CVE-2020-25681 Affected
CVE-2020-25682 Affected
CVE-2020-25683 Affected
CVE-2020-25684 Affected
CVE-2020-25685 Affected
CVE-2020-25686 Affected
CVE-2020-25687 Affected

Vendor Statement

We have not received a statement from the vendor.

Red Hat Affected

Notified:  2020-09-25 Updated: 2021-01-19

Statement Date:   January 15, 2021

CVE-2020-25681 Affected
Vendor Statement:
This issue affects the versions of dnsmasq as shipped with Red Hat Enterprise Linux 8, but it does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 because they are not compiled with DNSSEC support.
CVE-2020-25682 Affected
Vendor Statement:
This issue affects the versions of dnsmasq as shipped with Red Hat Enterprise Linux 8, but it does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 because they are not compiled with DNSSEC support.
CVE-2020-25683 Affected
Vendor Statement:
This issue affects the versions of dnsmasq as shipped with Red Hat Enterprise Linux 8, but it does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 because they are not compiled with DNSSEC support.
CVE-2020-25684 Affected
Vendor Statement:
This issue affects the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, 7, and 8. Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV) are indirectly affected as well.
CVE-2020-25685 Affected
Vendor Statement:
This issue affects the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, 7, and 8. Red Hat Enterprise Linux 8 provides dnsmasq compiled with DNSSEC support, thus SHA-1 is used as a hash for query names instead of CRC32, making collisions harder to find. Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV) are indirectly affected as well.
CVE-2020-25686 Affected
Vendor Statement:
This issue affects the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, 7, and 8. Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV) are indirectly affected as well.
CVE-2020-25687 Affected
Vendor Statement:
This issue affects the versions of dnsmasq as shipped with Red Hat Enterprise Linux 8, but it does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 because they are not compiled with DNSSEC support.

References

Siemens Affected

Notified:  2020-10-12 Updated: 2021-01-19

Statement Date:   January 19, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Affected
CVE-2020-25685 Affected
CVE-2020-25686 Affected
CVE-2020-25687 Not Affected

Vendor Statement

Siemens is aware of the security vulnerabilities in the Open Source component DNSmasq, as disclosed on 2021-01-19 and also known as "DNSpooq".

The impact to Siemens products is described in the Security Advisory SSA-646763, published on the Siemens ProductCERT page (https://www.siemens.com/cert/advisories).

In case of questions regarding this Security Advisory, please contact Siemens ProductCERT (productcert@siemens.com).

References

Sierra Wireless Affected

Notified:  2020-09-28 Updated: 2021-01-20

Statement Date:   January 20, 2021

CVE-2020-25681 Affected
CVE-2020-25682 Affected
CVE-2020-25683 Affected
CVE-2020-25684 Affected
CVE-2020-25685 Affected
CVE-2020-25686 Affected
CVE-2020-25687 Affected

Vendor Statement

Sierra Wireless products are affected by some of these vulnerabilities. Please check the security bulletin linked in the reference section for details on your product. Sierra Wireless would like to thank JSOF for discovering and responsibly reporting these issues, as well as the efforts of CERT/CC for coordinating the response.

References

Sophos Affected

Notified:  2020-09-28 Updated: 2021-01-20

Statement Date:   January 20, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Affected
CVE-2020-25685 Affected
CVE-2020-25686 Affected
CVE-2020-25687 Not Affected

Vendor Statement

Sophos Red devices are impacted. More information to follow

References

SUSE Linux Affected

Notified:  2020-09-28 Updated: 2021-01-19

Statement Date:   January 14, 2021

CVE-2020-25681 Affected
CVE-2020-25682 Affected
CVE-2020-25683 Affected
CVE-2020-25684 Affected
CVE-2020-25685 Affected
CVE-2020-25686 Affected
CVE-2020-25687 Affected

Vendor Statement

We have not received a statement from the vendor.

Synology Affected

Notified:  2020-09-28 Updated: 2021-01-22

Statement Date:   January 21, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Affected
CVE-2020-25685 Affected
CVE-2020-25686 Affected
CVE-2020-25687 Not Affected

Vendor Statement

We have not received a statement from the vendor.

References

Technicolor Affected

Notified:  2020-09-15 Updated: 2021-01-19

Statement Date:   September 29, 2020

CVE-2020-25681 Unknown
CVE-2020-25682 Affected
Vendor Statement:
we confirm that dnsmaq is affected by this vulnerability. however it is very unlikely to see real world exploitation of this vulnerability. It requires dnsmasq to be configured to do DNS requests to a rogue DNS that will serve these unrelated CNAME records. Devices are configured to request ISPs DNS. Moreover, these unrelated CNAME records are not valid and cannot be configured in a regular zone file; they require custom DNS server to be served. So, if you control a custom DNS and you can configure dnsmasq to request this DNS, no need to exploit a vulnerability to poison the cache, just answer what you want. Risk level : LOW CVSS v2 : 3.6
CVE-2020-25683 Not Affected
Vendor Statement:
DNSSEC is not available on dnsmasq version we use
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Wind River Affected

Notified:  2020-09-29 Updated: 2021-01-19

Statement Date:   October 14, 2020

CVE-2020-25681 Affected
CVE-2020-25682 Affected
CVE-2020-25683 Affected
CVE-2020-25684 Affected
CVE-2020-25685 Affected
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Zephyr Project Affected

Notified:  2020-09-29 Updated: 2021-01-19

Statement Date:   October 27, 2020

CVE-2020-25681 Affected
CVE-2020-25682 Affected
CVE-2020-25683 Affected
CVE-2020-25684 Unknown
CVE-2020-25685 Affected
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

The Zephyr project consists of a core RTOS, numerous additional modules, and an extensive suite of test builds and test cases. This vulnerability does not directly affect the RTOS, or the additional modules. However, some of the test cases use the dnsmasq tool, which could render these testing environment vulnerable. In these test cases, the dnsmasq tool is used strictly by RTOS+test code running within the QEMU simulation environment. Attacks on dnsmasq could result in test failures causing a denial of service to the project (due to incorrect failures).

A10 Networks Not Affected

Notified:  2020-09-23 Updated: 2021-07-20

Statement Date:   June 23, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

Dnsmasq is not used in current and supported A10 Networks, Inc products.

Actiontec Not Affected

Notified:  2020-09-23 Updated: 2021-01-19

Statement Date:   January 19, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

we do not use dnsmasq in our products

Afero Not Affected

Notified:  2020-09-23 Updated: 2021-01-19

Statement Date:   November 02, 2020

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Android Open Source Project Not Affected

Notified:  2020-09-23 Updated: 2021-01-19

Statement Date:   November 23, 2020

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

While Android does have Dnsmasq code but it is used in a limited capacity and cannot be attacked or exploited in the manner described in this report.

ARM mbed TLS Not Affected

Notified:  2020-09-23 Updated: 2021-01-19

Statement Date:   September 24, 2020

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Unknown
CVE-2020-25685 Not Affected
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

AVM GmbH Not Affected

Notified:  2020-09-23 Updated: 2021-01-19

Statement Date:   October 30, 2020

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
Vendor Statement:
AVM does not use dnsmasq
CVE-2020-25687 Not Affected
Vendor Statement:
AVM does not use dnsmasq

Vendor Statement

AVM doesn't use the dnsmasq project within its firmwares.

Barracuda Networks Not Affected

Notified:  2020-09-23 Updated: 2021-01-19

Statement Date:   January 19, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Blackberry QNX Not Affected

Notified:  2020-09-23 Updated: 2021-01-19

Statement Date:   October 30, 2020

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Unknown
CVE-2020-25687 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Brocade Communication Systems Not Affected

Notified:  2020-09-24 Updated: 2021-01-19

Statement Date:   November 25, 2020

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

No Brocade Fibre Channel Products from Broadcom are currently known to be affected by these vulnerabilities.

eCosCentric Not Affected

Notified:  2020-09-24 Updated: 2021-01-19

Statement Date:   November 25, 2020

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

Do not use/supply Dnsmasq

eero Not Affected

Notified:  2020-09-24 Updated: 2021-01-19

Statement Date:   January 15, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

eero products do not use the affected functionality of the affected software products, and so are unaffected by these vulnerabilities.

Espressif Systems Not Affected

Notified:  2020-09-24 Updated: 2021-01-20

Statement Date:   January 20, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

Espressif doesn't use dnsmasq in any product SDKs or other published software, so is not affected.

F5 Networks Inc. Not Affected

Notified:  2020-09-24 Updated: 2021-01-19

Statement Date:   December 05, 2020

CVE-2020-25681 Not Affected
Vendor Statement:
The package dnsmasq and/or associated binaries are not installed on F5 products, therefore they are not affected by these vulnerabilities.
CVE-2020-25682 Not Affected
Vendor Statement:
The package dnsmasq and/or associated binaries are not installed on F5 products, therefore they are not affected by these vulnerabilities.
CVE-2020-25683 Not Affected
Vendor Statement:
The package dnsmasq and/or associated binaries are not installed on F5 products, therefore they are not affected by these vulnerabilities.
CVE-2020-25684 Not Affected
Vendor Statement:
The package dnsmasq and/or associated binaries are not installed on F5 products, therefore they are not affected by these vulnerabilities.
CVE-2020-25685 Not Affected
Vendor Statement:
The package dnsmasq and/or associated binaries are not installed on F5 products, therefore they are not affected by these vulnerabilities.
CVE-2020-25686 Not Affected
Vendor Statement:
The package dnsmasq and/or associated binaries are not installed on F5 products, therefore they are not affected by these vulnerabilities.
CVE-2020-25687 Not Affected
Vendor Statement:
The package dnsmasq and/or associated binaries are not installed on F5 products, therefore they are not affected by these vulnerabilities.

Vendor Statement

The package dnsmasq and/or associated binaries are not installed on F5 products, therefore they are not affected by these vulnerabilities.

FreeBSD Project Not Affected

Notified:  2020-09-24 Updated: 2021-01-19

Statement Date:   September 24, 2020

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Unknown
CVE-2020-25685 Not Affected
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

FreeBSD does not ship with dnsmasq as part of the base system. dnsmasq is available as part of the FreeBSD ports/pkg system, but the responsibility for analysis of risk lies with the administrator that chooses to install and configure dnsmasq.

F-Secure Corporation Not Affected

Notified:  2020-09-24 Updated: 2021-10-06

Statement Date:   June 24, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

Not Affected.

Google Not Affected

Notified:  2020-09-24 Updated: 2021-01-19

Statement Date:   December 07, 2020

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

We have not received a statement from the vendor.

HCC Not Affected

Notified:  2020-09-24 Updated: 2021-01-19

Statement Date:   November 26, 2020

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Infoblox Not Affected

Notified:  2020-09-25 Updated: 2021-01-19

Statement Date:   October 16, 2020

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Intel Not Affected

Notified:  2020-09-25 Updated: 2021-01-19

Statement Date:   January 19, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

We have not received a statement from the vendor.

LANCOM Systems GmbH Not Affected

Notified:  2020-09-25 Updated: 2021-01-19

Statement Date:   January 14, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

LANCOM Systems products are not affected by these vulnerabilities.

lwIP Not Affected

Notified:  2020-09-25 Updated: 2021-01-19

Statement Date:   December 04, 2020

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

lwIP does not use dnsmasq code. We've had similar bugs like 1 and 2 here in the past (with their own CVE), but these have been fixed quite a while ago.

McAfee Not Affected

Notified:  2020-09-28 Updated: 2021-06-02

Statement Date:   May 17, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

We have not received a statement from the vendor.

MikroTik Not Affected

Notified:  2020-09-28 Updated: 2021-01-19

Statement Date:   September 29, 2020

CVE-2020-25681 Not Affected
Vendor Statement:
Dnsmasq not used in MikroTik software
CVE-2020-25682 Not Affected
Vendor Statement:
Dnsmasq not used in MikroTik software
CVE-2020-25683 Not Affected
Vendor Statement:
Dnsmasq not used in MikroTik software
CVE-2020-25684 Unknown
CVE-2020-25685 Not Affected
Vendor Statement:
Dnsmasq not used in MikroTik software
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

Dnsmasq not used in MikroTik software

Miredo Not Affected

Notified:  2020-09-28 Updated: 2021-01-19

Statement Date:   January 19, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

dnsmasq is not used.

NetBSD Not Affected

Notified:  2020-09-28 Updated: 2021-01-19

Statement Date:   September 28, 2020

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Unknown
CVE-2020-25685 Not Affected
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

netsnmp Not Affected

Notified:  2020-09-28 Updated: 2021-01-19

Statement Date:   October 30, 2020

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Unknown
CVE-2020-25685 Not Affected
CVE-2020-25686 Unknown
CVE-2020-25687 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Peplink Not Affected

Notified:  2020-09-28 Updated: 2021-10-06

Statement Date:   September 16, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Pulse Secure Not Affected

Notified:  2020-09-28 Updated: 2021-02-11

Statement Date:   February 10, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Rockwell Automation Not Affected

Notified:  2020-09-28 Updated: 2021-01-19

Statement Date:   November 30, 2020

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Unknown
CVE-2020-25687 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Treck Not Affected

Notified:  2020-09-29 Updated: 2021-06-02

Statement Date:   April 25, 2021

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

Treck does not use Dnsmasq.

VMware Not Affected

Notified:  2020-09-29 Updated: 2021-01-19

Statement Date:   November 03, 2020

CVE-2020-25681 Not Affected
CVE-2020-25682 Not Affected
CVE-2020-25683 Not Affected
CVE-2020-25684 Not Affected
CVE-2020-25685 Not Affected
CVE-2020-25686 Not Affected
CVE-2020-25687 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Ceragon Networks Inc Unknown

Notified:  2020-09-24 Updated: 2021-01-19

Statement Date:   January 18, 2021

CVE-2020-25681 Unknown
Vendor Statement:
not relevant
CVE-2020-25682 Unknown
Vendor Statement:
not relevant
CVE-2020-25683 Unknown
Vendor Statement:
not relevant
CVE-2020-25684 Unknown
Vendor Statement:
not relevant
CVE-2020-25685 Unknown
Vendor Statement:
not relevant
CVE-2020-25686 Unknown
Vendor Statement:
not relevant
CVE-2020-25687 Unknown
Vendor Statement:
not relevant

D-Link Systems Inc. Unknown

Notified:  2020-09-24 Updated: 2021-01-19

Statement Date:   September 30, 2020

CVE-2020-25681 Unknown
Vendor Statement:
D-Link has been informed that DNSmasq, a popular caching DNS server and DHCP server, is vulnerable to DNS cache poisoning attacks. We have promptly started our investigation to determine whether D-Link routers are affected, and we will provide updates as soon as we have more information. D-Link takes the issues of network security and user privacy very seriously. We have a dedicated task force and product management team on call to address evolving security issues and implement appropriate security measures. Please check the D-Link website for updates.
CVE-2020-25682 Unknown
Vendor Statement:
D-Link has been informed that DNSmasq, a popular caching DNS server and DHCP server, is vulnerable to DNS cache poisoning attacks. We have promptly started our investigation to determine whether D-Link routers are affected, and we will provide updates as soon as we have more information. D-Link takes the issues of network security and user privacy very seriously. We have a dedicated task force and product management team on call to address evolving security issues and implement appropriate security measures. Please check the D-Link website for updates.
CVE-2020-25683 Unknown
Vendor Statement:
D-Link has been informed that DNSmasq, a popular caching DNS server and DHCP server, is vulnerable to DNS cache poisoning attacks. We have promptly started our investigation to determine whether D-Link routers are affected, and we will provide updates as soon as we have more information. D-Link takes the issues of network security and user privacy very seriously. We have a dedicated task force and product management team on call to address evolving security issues and implement appropriate security measures. Please check the D-Link website for updates.
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
Vendor Statement:
D-Link has been informed that DNSmasq, a popular caching DNS server and DHCP server, is vulnerable to DNS cache poisoning attacks. We have promptly started our investigation to determine whether D-Link routers are affected, and we will provide updates as soon as we have more information. D-Link takes the issues of network security and user privacy very seriously. We have a dedicated task force and product management team on call to address evolving security issues and implement appropriate security measures. Please check the D-Link website for updates.
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

D-Link has been informed that DNSmasq, a popular caching DNS server and DHCP server, is vulnerable to DNS cache poisoning attacks. We have promptly started our investigation to determine whether D-Link routers are affected, and we will provide updates as soon as we have more information.

D-Link takes the issues of network security and user privacy very seriously. We have a dedicated task force and product management team on call to address evolving security issues and implement appropriate security measures. Please check the D-Link website for updates.

References

IBM Corporation (zseries) Unknown

Notified:  2020-09-25 Updated: 2021-01-19

Statement Date:   September 29, 2020

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

As a best practice for IBM Z, IBM strongly recommends that clients obtain access to the IBM Z and LinuxONE Security Portal and subscribe to the Security Portal’s automatic notification process to get access to the latest service information on security and system integrity related APARs for z/OS and z/VM.

ACCESS Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Actelis Networks Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

ADATA Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

ADTRAN Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Aerohive Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

AhnLab Inc Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

AirWatch Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Akamai Technologies Inc. Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Alcatel-Lucent Enterprise Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Allied Telesis Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Alpine Linux Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Altran Intelligent Systems Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Amazon Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

ANTlabs Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Apple Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Arch Linux Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

ARRIS Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Aruba Networks Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Aspera Inc. Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

ASUSTeK Computer Inc. Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Atheros Communications Inc Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

AT&T Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Avaya Inc. Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Belden Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Belkin Inc. Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bell Canada Enterprises Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

BlackBerry Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

BlueCat Networks Inc. Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Blue Coat Systems Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Blunk Microsystems Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

BoringSSL Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Broadcom Unknown

Notified:  2020-09-23 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Buffalo Technology Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

BullGuard Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cambium Networks Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

CA Technologies Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

CERT-UBIK Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cesanta Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cirpack Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

CMX Systems Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Comcast Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Commscope Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Contiki OS Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cricket Wireless Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cypress Semiconductor Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

CZ.NIC Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Debian GNU/Linux Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dell Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dell EMC Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dell SecureWorks Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Deutsche Telekom Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Devicescape Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Diebold Election Systems Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

dnsmasq Unknown

Notified:  2020-09-18 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

EfficientIP Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

ENEA Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ericsson Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

European Registry for Internet Domains Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Express Logic Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Extreme Networks Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fastly Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fedora Project Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

FNet Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Force10 Networks Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fortinet Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Foundry Brocade Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

FreeRTOS Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Geexbox Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Gentoo Linux Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

GFI Software Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

GNU adns Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

GNU glibc Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Grandstream Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Green Hills Software Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Hewlett Packard Enterprise Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Hitachi Unknown

Notified:  2020-09-24 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Hitron Unknown

Notified:  2021-01-19 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Honeywell Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

HP Inc. Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

HTC Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Huawei Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

IBM Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

IBM Numa-Q Division (Formerly Sequent) Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

ICASI Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

InfoExpress Inc. Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Inmarsat Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Internet Systems Consortium Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Internet Systems Consortium - DHCP Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

INTEROP Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

IP Infusion Inc. Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

JH Software Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

JPCERT/CC Vulnerability Handling Team Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Kwikset Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Lancope Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Lantronix Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Lenovo Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

LG Electronics Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

LibreSSL Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Linksys Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

LITE-ON Technology Corporation Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

LiteSpeed Technologies Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Lynx Software Technologies Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

m0n0wall Unknown

Notified:  2020-09-25 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Marconi Inc. Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Marvell Semiconductor Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

MaxLinear Unknown

Notified:  2021-01-13 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

MediaTek Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Medtronic Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Men & Mice Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Metaswitch Networks Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Micrium Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Microchip Technology Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Micro Focus Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Microsoft Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Minim Zoom Unknown

Notified:  2021-01-19 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Mitel Networks Inc. Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Monroe Electronics Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Motorola Inc. Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Muonics Inc. Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

National Cyber Security Center Netherlands Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

National Cyber Security Centre Finland Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

NCSC-FI Vulnerability Coordinator Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

NEC Corporation Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

NetBurner Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

NetComm Wireless Limited Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

NETSCOUT Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

netsnmpj Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

NIKSUN Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Nixu Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

NLnet Labs Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Nokia Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Nominum Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

OleumTech Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

OpenConnect Ltd Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

OpenDNS Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

OpenSSL Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Openwall GNU/*/Linux Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Oracle Corporation Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Oryx Embedded Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Paessler Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Palo Alto Networks Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

pfSense Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Philips Electronics Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

PHPIDS Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

PowerDNS Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Proxim Inc. Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

QLogic Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

QNAP Unknown

Notified:  2020-10-08 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Quadros Systems Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Quagga Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Qualcomm Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Quantenna Communications Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Riverbed Technologies Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Roku Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ruckus Wireless Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ruijie Networks Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

SafeNet Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Samsung Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Samsung Mobile Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Samsung Semiconductor Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Schneider Electric Unknown

Notified:  2020-12-08 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Secure64 Software Corporation Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

SEIKO EPSON Corp. / Epson America Inc. Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Slackware Linux Inc. Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

SMC Networks Inc. Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

SmoothWall Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Snort Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

SonicWall Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Sonos Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Sony Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Sourcefire Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Symantec Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Systech Unknown

Notified:  2020-09-28 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

systemd Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

TCPWave Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

TDS Telecom Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Tenable Network Security Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Thales Group Unknown

Notified:  2020-09-29 Updated: 2021-01-19

Statement Date:   September 30, 2020

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

TippingPoint Technologies Inc. Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Tizen Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Toshiba Commerce Solutions Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

TP-LINK Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Turbolinux Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ubee Interactive Unknown

Notified:  2021-01-19 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ubiquiti Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ubuntu Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Unisys Corporation Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Univention Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Untangle Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Vertical Networks Inc. Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

VMware Carbon Black Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Vultures List Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

WizNET Technology Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

wolfSSL Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Xiaomi Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Xilinx Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Zebra Technologies Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

ZTE Corporation Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

Zyxel Unknown

Notified:  2020-09-29 Updated: 2021-01-19

CVE-2020-25681 Unknown
CVE-2020-25682 Unknown
CVE-2020-25683 Unknown
CVE-2020-25684 Unknown
CVE-2020-25685 Unknown
CVE-2020-25686 Unknown
CVE-2020-25687 Unknown

Vendor Statement

We have not received a statement from the vendor.

View all 253 vendors View less vendors


Other Information

CVE IDs: CVE-2020-25681 CVE-2020-25682 CVE-2020-25683 CVE-2020-25684 CVE-2020-25685 CVE-2020-25686 CVE-2020-25687
Date Public: 2021-01-19
Date First Published: 2021-01-19
Date Last Updated: 2021-10-06 17:28 UTC
Document Revision: 11

Sponsored by CISA.