search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks

Vulnerability Note VU#918987

Original Release Date: 2019-08-14 | Last Revised: 2019-09-03

Overview

The encryption key length negotiation process in Bluetooth BR/EDR Core v5.1 and earlier is vulnerable to packet injection by an unauthenticated, adjacent attacker that could result in information disclosure and/or escalation of privileges. This can be achieved using an attack referred to as the Key Negotiation of Bluetooth (KNOB) attack, which is when a third party forces two or more victims to agree on an encryption key with as little as one byte of entropy. Once the entropy is reduced, the attacker can brute-force the encryption key and use it to decrypt communications.

Description

Bluetooth is a short-range wireless technology based off of a core specification that defines six different core configurations, including the Bluetooth Basic Rate / Enhanced Data Rate Core Configurations. Bluetooth BR/EDR is used for low-power short-range communications. To establish an encrypted connection, two Bluetooth devices must pair with each other and establish a link key that is used to generate the encryption key. For example, assume that there are two controllers attempting to establish a connection: Alice and Bob. After authenticating the link key, Alice proposes that she and Bob use 16 bytes of entropy. This number, N, could be between 1 and 16 bytes. Bob can either accept this, reject this and abort the negotiation, or propose a smaller value. Bob may wish to propose a smaller N value because he (the controller) does not support the larger amount of bytes proposed by Alice. After proposing a smaller amount, Alice can accept it and request to activate link-layer encryption with Bob, which Bob can accept.

An attacker, Charlie, could force Alice and Bob to use a smaller N by intercepting Alice's proposal request to Bob and changing N. Charlie could lower N to as low as 1 byte, which Bob would subsequently accept since Bob supports 1 byte of entropy and it is within the range of the compliant values. Charlie could then intercept Bob's acceptance message to Alice and change the entropy proposal to 1 byte, which Alice would likely accept, because she may believe that Bob cannot support a larger N. Thus, both Alice and Bob would accept N and inform the Bluetooth hosts that encryption is active, without acknowledging or realizing that N is lower than either of them initially intended it to be.

Impact

An unauthenticated, adjacent attacker can force two Bluetooth devices to use as low as 1 byte of entropy. This would make it easier for an attacker to brute force as it reduces the total number of possible keys to try, and would give them the ability to decrypt all of the traffic between the devices during that session.

Solution

Bluetooth host and controller suppliers should refer to the Bluetooth SIG's "Expedited Errata Correction 11838" for guidance on updating their products. Downstream vendors should refer to their suppliers for updates.

Vendor Information

These issues exist due to the specification, which has been corrected.

918987
 
Affected   Unknown   Unaffected

BlackBerry

Notified:  June 10, 2019 Updated:  August 19, 2019

Statement Date:   August 19, 2019

Status

  Affected

Vendor Statement

Please read the full vendor statement in the reference link below

Vendor References

Bluetooth SIG

Notified:  May 07, 2019 Updated:  August 09, 2019

Status

  Affected

Vendor Statement

Please read the full vendor statement here.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

Afero

Updated:  August 30, 2019

Status

  Not Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

LANCOM Systems GmbH

Notified:  June 10, 2019 Updated:  September 03, 2019

Statement Date:   September 03, 2019

Status

  Not Affected

Vendor Statement

LANCOM Systems confirms that no LANCOM product is affected.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

A10 Networks

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

ACCESS

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

ADTRAN

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

ANTlabs

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

ARRIS

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

AT&T

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

AVM GmbH

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Actelis Networks

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Actiontec

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Aerohive

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

AhnLab Inc

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

AirWatch

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Akamai Technologies, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Alcatel-Lucent Enterprise

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Allied Telesis

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Alpine Linux

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Amazon

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Android Open Source Project

Notified:  May 30, 2019 Updated:  May 30, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Apple

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Arch Linux

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Arista Networks, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Aruba Networks

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Aspera Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

AsusTek Computer Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Atheros Communications Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Avaya, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Barracuda Networks

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Belden

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Belkin, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Bell Canada Enterprises

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Blue Coat Systems

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

BlueCat Networks, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Blunk Microsystems

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

BoringSSL

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Broadcom

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Brocade Communication Systems

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Buffalo Inc

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

CA Technologies

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

CMX Systems

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

CZ.NIC

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Cambium Networks

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Ceragon Networks Inc

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Check Point Software Technologies

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Cirpack

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Cisco

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Comcast

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Contiki OS

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

CoreOS

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Cradlepoint

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Cricket Wireless

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Cypress Semiconductor

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

D-Link Systems, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Debian GNU/Linux

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Dell

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Dell EMC

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Dell SecureWorks

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

DesktopBSD

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Deutsche Telekom

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Devicescape

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Digi International

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

DragonFly BSD Project

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

ENEA

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

EfficientIP SAS

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Ericsson

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Espressif Systems

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

European Registry for Internet Domains

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Express Logic

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Extreme Networks

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

F-Secure Corporation

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

F5 Networks, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Fastly

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Fedora Project

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Force10 Networks

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Fortinet, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Foundry Brocade

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

FreeBSD Project

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

GFI Software, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

GNU adns

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

GNU glibc

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Geexbox

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Gentoo Linux

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Google

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Grandstream

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

HP Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

HTC

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

HardenedBSD

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Hewlett Packard Enterprise

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Hewlett Packard Enterprise

Notified:  July 18, 2019 Updated:  July 18, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Hitachi

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Honeywell

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Huawei Technologies

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

IBM Corporation (zseries)

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

IBM, INC.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

INTEROP

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Illumos

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

InfoExpress, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Infoblox

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Inmarsat

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Intel

Notified:  January 15, 2019 Updated:  January 15, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Internet Systems Consortium

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Internet Systems Consortium - DHCP

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Interniche Technologies, inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

JH Software

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Joyent

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Juniper Networks

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

LG Electronics

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

LITE-ON Technology Corporation

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Lancope

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Lantronix

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Lenovo

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

LibreSSL

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Linksys

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Lynx Software Technologies

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Marconi, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Marvell Semiconductors

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

McAfee

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

MediaTek

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Medtronic

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Men & Mice

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

MetaSwitch

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Micro Focus

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Microchip Technology

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Microsoft

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

MikroTik

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Miredo

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Mitel Networks, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Motorola, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Muonics, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

NAS4Free

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

NEC Corporation

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

NETSCOUT

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

NIKSUN

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

NLnet Labs

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

NetBSD

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

NetBurner

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Netgear, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Nexenta

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Nixu

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Nokia

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Nominum

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

OleumTech

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

OpenBSD

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

OpenConnect

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

OpenIndiana

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

OpenSSL

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Openwall GNU/*/Linux

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Oracle Corporation

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Oryx Embedded

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

PHPIDS

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Paessler

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Palo Alto Networks

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Peplink

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Philips Electronics

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

PowerDNS

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Proxim, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Pulse Secure

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

QLogic

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

QNX Software Systems Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

QUALCOMM Incorporated

Notified:  June 10, 2019 Updated:  August 08, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Quadros Systems

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Quagga

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Quantenna Communications

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Red Hat, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Riverbed Technologies

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Rocket RTOS

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Roku

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Ruckus Wireless

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

SMC Networks, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

SUSE Linux

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

SafeNet

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Samsung

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Samsung Mobile

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Secure64 Software Corporation

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Sierra Wireless

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Slackware Linux Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

SmoothWall

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Snort

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

SonicWall

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Sonos

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Sony Corporation

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Sophos, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Sourcefire

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Symantec

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Synology

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

TCPWave

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

TDS Telecom

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

TP-LINK

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Technicolor

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

TippingPoint Technologies Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Tizen

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Toshiba Commerce Solutions

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

TrueOS

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Turbolinux

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Ubiquiti Networks

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Ubuntu

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Unisys

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Untangle

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

VMware

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vertical Networks, Inc.

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Wind River

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

WizNET Technology

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Xiaomi

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Xilinx

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Zebra Technologies

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Zephyr Project

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Zyxel

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

dnsmasq

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

eCosCentric

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

eero

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

m0n0wall

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

netsnmp

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

netsnmpj

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

pfSense

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

wolfSSL

Notified:  June 10, 2019 Updated:  June 10, 2019

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

View all 218 vendors View less vendors


CVSS Metrics

Group Score Vector
Base 7.8 AV:A/AC:L/Au:N/C:C/I:C/A:N
Temporal 7.8 E:ND/RL:ND/RC:ND
Environmental 7.8 CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND

References

Acknowledgements

Thanks to Daniele Antonioli for reporting this vulnerability.

This document was written by Madison Oliver.

Other Information

CVE IDs: CVE-2019-9506
Date Public: 2019-08-14
Date First Published: 2019-08-14
Date Last Updated: 2019-09-03 13:19 UTC
Document Revision: 77

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.