An out-of-bounds read has been discovered in the Treck IP stack used in the Tera2 Zero Client and Remote Workstation Card firmware.
There are no workarounds that address this vulnerability. To mitigate the vulnerabilities, update to one of the versions of Zero Client firmware or Remote Workstation Card listed above, (or later).
The Treck TCP/IP stack before 18.104.22.168 has a DHCP Out-of-bounds Read.
Vulnerability classification has been performed using the CVSSv3 scoring system. The CVSS environmental score is specific to each customer’s environment and should be defined by the customer to attain a final scoring.
8 July 2020: Initial Publication
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. TERADICI RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.