Sign-up

ID

VAR-201908-0704


CVE

CVE-2019-12263


TITLE

Wind River VxWorks  Buffer error vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2019-007851

DESCRIPTION

Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition. Wind River VxWorks Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. The vulnerability stems from the improper handling of concurrent access when the network system or product is running and concurrent code needs to access shared resources mutually exclusive. There are currently no detailed details of the vulnerability provided. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. The following products and versions are affected: Wind River Systems VxWorks Version 7, Version 6.9, Version 6.8, Version 6.7, Version 6.6. A vulnerability in Wind River VxWorks could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition or execute arbitrary code on a targeted system. An attacker could exploit this vulnerability by sending crafted HTTP requests to the targeted system. A successful exploit could cause an Urgent Pointer state confusion, which could allow the malicious user to execute arbitrary code or cause a DoS condition on the targeted system

Trust: 2.52

sources: NVD: CVE-2019-12263 // JVNDB: JVNDB-2019-007851 // CNVD: CNVD-2019-25708 // IVD: 105f43dd-e73e-463b-843e-0f65bbf82737 // VULHUB: VHN-143992 // VULMON: CVE-2019-12263

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 105f43dd-e73e-463b-843e-0f65bbf82737 // CNVD: CNVD-2019-25708

AFFECTED PRODUCTS

vendor:sonicosmodel: - scope:eqversion:*

Trust: 2.4

vendor:sonicwallmodel:sonicosscope:gteversion:6.2.5.0

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:lteversion:6.2.6.1

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:gteversion:6.5.0.0

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:gteversion:5.9.0.0

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:gteversion:6.5.4.0.

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope:gteversion:8.00

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:eqversion:6.2.7.0

Trust: 1.0

vendor:siemensmodel:power meter 9410scope:ltversion:2.2.1

Trust: 1.0

vendor:siemensmodel:ruggedcom win7025scope:ltversion:bs5.2.461.17

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:lteversion:6.5.2.3

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:gteversion:5.9.1.0.

Trust: 1.0

vendor:siemensmodel:ruggedcom win7200scope:ltversion:bs5.2.461.17

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:gteversion:6.2.7.0

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:eqversion:6.2.7.1

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:lteversion:6.2.3.1

Trust: 1.0

vendor:beldenmodel:hirschmann hiosscope:lteversion:07.2.04

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:lteversion:6.5.1.4

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:eqversion:6.2.7.7

Trust: 1.0

vendor:beldenmodel:hirschmann hiosscope:lteversion:07.0.07

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:lteversion:6.2.5.3

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:lteversion:5.9.1.12

Trust: 1.0

vendor:windrivermodel:vxworksscope:ltversion:6.9.4.12

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:lteversion:6.2.9.2

Trust: 1.0

vendor:windrivermodel:vxworksscope:gteversion:6.5

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:gteversion:6.2.0.0

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:gteversion:6.2.6.0

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:lteversion:6.5.4.3

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:lteversion:6.2.4.3

Trust: 1.0

vendor:siemensmodel:ruggedcom win7000scope:ltversion:bs5.2.461.17

Trust: 1.0

vendor:siemensmodel:power meter 9810scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:siprotec 5scope:ltversion:7.59

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:lteversion:6.2.7.4

Trust: 1.0

vendor:siemensmodel:siprotec 5scope:ltversion:7.91

Trust: 1.0

vendor:beldenmodel:garrettcom magnum dx940escope:lteversion:1.0.1_y7

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope:lteversion:8.40.50.00

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:gteversion:6.5.1.0

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:gteversion:6.2.9.0

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:lteversion:5.9.0.7

Trust: 1.0

vendor:beldenmodel:hirschmann hiosscope:lteversion:07.5.01

Trust: 1.0

vendor:siemensmodel:ruggedcom win7018scope:ltversion:bs5.2.461.17

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:gteversion:6.5.3.0

Trust: 1.0

vendor:beldenmodel:hirschmann hiosscope:lteversion:05.3.06

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:lteversion:6.5.0.3

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:gteversion:6.5.2.0

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:gteversion:6.2.4.0

Trust: 1.0

vendor:windrivermodel:vxworksscope:eqversion:7.0

Trust: 1.0

vendor:sonicwallmodel:sonicosscope:lteversion:6.5.3.3

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:siprotec 5scope: - version: -

Trust: 0.8

vendor:sonicwallmodel:sonicosscope: - version: -

Trust: 0.8

vendor:ウインドリバー株式会社model:vxworksscope: - version: -

Trust: 0.8

vendor:windmodel:river systems wind river systems vxworksscope:eqversion:6.9

Trust: 0.6

vendor:windmodel:river systems wind river systems vxworksscope:eqversion:6.8

Trust: 0.6

vendor:windmodel:river systems wind river systems vxworksscope:eqversion:6.7

Trust: 0.6

vendor:windmodel:river systems wind river systems vxworksscope:eqversion:6.6

Trust: 0.6

vendor:siprotec 5model: - scope:eqversion:*

Trust: 0.4

vendor:vxworksmodel: - scope:eqversion:6.9.4

Trust: 0.2

vendor:vxworksmodel: - scope:eqversion:7

Trust: 0.2

vendor:e series santricity os controllermodel: - scope:eqversion:*

Trust: 0.2

vendor:sonicosmodel: - scope:eqversion:6.2.7.0

Trust: 0.2

vendor:sonicosmodel: - scope:eqversion:6.2.7.1

Trust: 0.2

vendor:sonicosmodel: - scope:eqversion:6.2.7.7

Trust: 0.2

sources: IVD: 105f43dd-e73e-463b-843e-0f65bbf82737 // CNVD: CNVD-2019-25708 // JVNDB: JVNDB-2019-007851 // NVD: CVE-2019-12263

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2019-12263
value: HIGH

Trust: 1.8

CNVD: CNVD-2019-25708
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201907-1493
value: HIGH

Trust: 0.6

IVD: 105f43dd-e73e-463b-843e-0f65bbf82737
value: HIGH

Trust: 0.2

VULHUB: VHN-143992
value: MEDIUM

Trust: 0.1

VULMON: CVE-2019-12263
value: MEDIUM

Trust: 0.1

NVD:
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.0

NVD: CVE-2019-12263
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.9

CNVD: CNVD-2019-25708
severity: HIGH
baseScore: 7.6
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 105f43dd-e73e-463b-843e-0f65bbf82737
severity: HIGH
baseScore: 7.6
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-143992
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

NVD:
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2019-12263
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: 105f43dd-e73e-463b-843e-0f65bbf82737 // CNVD: CNVD-2019-25708 // VULHUB: VHN-143992 // VULMON: CVE-2019-12263 // JVNDB: JVNDB-2019-007851 // NVD: CVE-2019-12263 // CNNVD: CNNVD-201907-1493

PROBLEMTYPE DATA

problemtype:CWE-362

Trust: 1.0

problemtype:CWE-787

Trust: 1.0

problemtype:Buffer error (CWE-119) [NVD evaluation ]

Trust: 0.8

problemtype:CWE-119

Trust: 0.1

sources: VULHUB: VHN-143992 // JVNDB: JVNDB-2019-007851 // NVD: CVE-2019-12263

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201907-1493

TYPE

Buffer error

Trust: 0.8

sources: IVD: 105f43dd-e73e-463b-843e-0f65bbf82737 // CNNVD: CNNVD-201907-1493

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2019-12263

PATCH
title:Security Notices Siemens Siemens Security Advisoryurl:https://security.netapp.com/advisory/ntap-20190802-0001/
Trust: 0.8
title:Patch for Wind River Systems VxWorks Competition Conditional Vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/172961
Trust: 0.6
title:Wind River Systems VxWorks Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=95608
Trust: 0.6
title:The Registerurl:https://www.theregister.co.uk/2019/07/29/wind_river_patches_vxworks/
Trust: 0.2
title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=1f919286ef48798d96223ef4d2143337
Trust: 0.1
title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=2dd69ca01b84b80e09672fedb1c26f51
Trust: 0.1
title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=99fa839be73f2df819a67c27caa912f8
Trust: 0.1
title:Fortinet Security Advisories: Wind River VxWorks IPnet TCP/IP Stack Vulnerabilities (aka. URGENT/11)url:https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories&qid=fg-ir-19-222
Trust: 0.1
title:urgent11-pocurl:https://github.com/iweizime/urgent11-poc 
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2019-25708 // 
            
            
            
            VULMON: CVE-2019-12263 // 
            
            
            
            JVNDB: JVNDB-2019-007851 // 
            
            
            
            CNNVD: CNNVD-201907-1493

EXTERNAL IDS
db:NVDid:CVE-2019-12263
Trust: 4.2
db:SIEMENSid:SSA-352504
Trust: 1.8
db:SIEMENSid:SSA-189842
Trust: 1.8
db:SIEMENSid:SSA-632562
Trust: 1.8
db:ICS CERTid:ICSA-19-274-01
Trust: 1.4
db:ICS CERTid:ICSA-19-211-01
Trust: 1.4
db:ICS CERTid:ICSMA-19-274-01
Trust: 1.4
db:CNNVDid:CNNVD-201907-1493
Trust: 0.9
db:ICS CERTid:ICSA-23-320-10
Trust: 0.9
db:CNVDid:CNVD-2019-25708
Trust: 0.8
db:JVNid:JVNVU92598492
Trust: 0.8
db:JVNid:JVNVU92467308
Trust: 0.8
db:JVNDBid:JVNDB-2019-007851
Trust: 0.8
db:AUSCERTid:ESB-2019.3695.5
Trust: 0.6
db:AUSCERTid:ASB-2019.0224
Trust: 0.6
db:AUSCERTid:ESB-2019.3245
Trust: 0.6
db:AUSCERTid:ESB-2019.2856
Trust: 0.6
db:IVDid:105F43DD-E73E-463B-843E-0F65BBF82737
Trust: 0.2
db:VULHUBid:VHN-143992
Trust: 0.1
db:VULMONid:CVE-2019-12263
Trust: 0.1
sources:
            
            
            IVD: 105f43dd-e73e-463b-843e-0f65bbf82737 // 
            
            
            
            CNVD: CNVD-2019-25708 // 
            
            
            
            VULHUB: VHN-143992 // 
            
            
            
            VULMON: CVE-2019-12263 // 
            
            
            
            JVNDB: JVNDB-2019-007851 // 
            
            
            
            NVD: CVE-2019-12263 // 
            
            
            
            CNNVD: CNNVD-201907-1493

REFERENCES
url:https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12263
Trust: 2.3
url:https://nvd.nist.gov/vuln/detail/cve-2019-12263
Trust: 2.0
url:https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf
Trust: 1.8
url:https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf
Trust: 1.8
url:https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf
Trust: 1.8
url:https://psirt.global.sonicwall.com/vuln-detail/snwlid-2019-0009
Trust: 1.8
url:https://security.netapp.com/advisory/ntap-20190802-0001/
Trust: 1.8
url:https://support.f5.com/csp/article/k41190253
Trust: 1.8
url:https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/
Trust: 1.8
url:https://support2.windriver.com/index.php?page=security-notices
Trust: 1.8
url:https://www.us-cert.gov/ics/advisories/icsa-19-274-01
Trust: 1.4
url:https://www.us-cert.gov/ics/advisories/icsma-19-274-01
Trust: 1.4
url:https://www.us-cert.gov/ics/advisories/icsa-19-211-01
Trust: 1.4
url:https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-10
Trust: 0.9
url:https://jvn.jp/vu/jvnvu92467308/
Trust: 0.8
url:https://jvn.jp/vu/jvnvu92598492/index.html
Trust: 0.8
url:https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/security-advisory-ipnet/security-advisory-ipnet.pdf
Trust: 0.6
url:https://www.tenable.com/blog/critical-vulnerabilities-dubbed-urgent11-place-devices-running-vxworks-at-risk-of-rce-attacks
Trust: 0.6
url:https://fortiguard.com/psirt/fg-ir-19-222
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2019.3695.5/
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2019.2856/
Trust: 0.6
url:https://vigilance.fr/vulnerability/wind-river-vxworks-multiple-vulnerabilities-via-ipnet-29905
Trust: 0.6
url:https://www.auscert.org.au/bulletins/asb-2019.0224/
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2019.3245/
Trust: 0.6
url:https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12263
Trust: 0.1
url:https://cwe.mitre.org/data/definitions/362.html
Trust: 0.1
url:https://cwe.mitre.org/data/definitions/787.html
Trust: 0.1
url:http://tools.cisco.com/security/center/viewalert.x?alertid=60684
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://github.com/iweizime/urgent11-poc
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2019-25708 // 
            
            
            
            VULHUB: VHN-143992 // 
            
            
            
            VULMON: CVE-2019-12263 // 
            
            
            
            JVNDB: JVNDB-2019-007851 // 
            
            
            
            NVD: CVE-2019-12263 // 
            
            
            
            CNNVD: CNNVD-201907-1493

SOURCES
db:IVDid:105f43dd-e73e-463b-843e-0f65bbf82737
db:CNVDid:CNVD-2019-25708
db:VULHUBid:VHN-143992
db:VULMONid:CVE-2019-12263
db:JVNDBid:JVNDB-2019-007851
db:NVDid:CVE-2019-12263
db:CNNVDid:CNNVD-201907-1493

LAST UPDATE DATE
2023-12-18T10:52:38.218000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-25708date:2019-08-02T00:00:00
db:VULHUBid:VHN-143992date:2019-09-10T00:00:00
db:VULMONid:CVE-2019-12263date:2022-08-12T00:00:00
db:JVNDBid:JVNDB-2019-007851date:2023-11-21T01:23:00
db:NVDid:CVE-2019-12263date:2022-08-12T18:44:49.107
db:CNNVDid:CNNVD-201907-1493date:2022-03-10T00:00:00

SOURCES RELEASE DATE
db:IVDid:105f43dd-e73e-463b-843e-0f65bbf82737date:2019-08-02T00:00:00
db:CNVDid:CNVD-2019-25708date:2019-08-02T00:00:00
db:VULHUBid:VHN-143992date:2019-08-09T00:00:00
db:VULMONid:CVE-2019-12263date:2019-08-09T00:00:00
db:JVNDBid:JVNDB-2019-007851date:2019-08-21T00:00:00
db:NVDid:CVE-2019-12263date:2019-08-09T19:15:11.233
db:CNNVDid:CNNVD-201907-1493date:2019-07-29T00:00:00