Predictable TCP Sequence Numbers in WinCE 3.0.9348 by Microsoft
CVE-2001-0162

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Ce
Vendor: CVE Published:; 1 January 2001

Summary

The predictable TCP Initial Sequence Numbers (ISNs) in Windows CE 3.0.9348 present a significant security risk. This vulnerability enables remote attackers to spoof or hijack existing TCP connections, potentially allowing unauthorized access to sensitive data and services. As attackers exploit this weakness, the integrity of network communications is undermined, making it essential for users and organizations to consider mitigations or upgrades.

References

http://www.cs.jhu.edu/~seny/pubs/wince802.pdf

x_refsource_MISC

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Mar 6, 2001
Vulnerability published
Jan 1, 2001