var-201908-0704
Vulnerability from variot

Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition. Wind River VxWorks Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. The vulnerability stems from the improper handling of concurrent access when the network system or product is running and concurrent code needs to access shared resources mutually exclusive. There are currently no detailed details of the vulnerability provided. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. The following products and versions are affected: Wind River Systems VxWorks Version 7, Version 6.9, Version 6.8, Version 6.7, Version 6.6. A vulnerability in Wind River VxWorks could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition or execute arbitrary code on a targeted system. An attacker could exploit this vulnerability by sending crafted HTTP requests to the targeted system. A successful exploit could cause an Urgent Pointer state confusion, which could allow the malicious user to execute arbitrary code or cause a DoS condition on the targeted system

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0704",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": null,
        "scope": "eq",
        "trust": 2.4,
        "vendor": "sonicos",
        "version": "*"
      },
      {
        "model": "sonicos",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.2.5.0"
      },
      {
        "model": "sonicos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.5.0.3"
      },
      {
        "model": "sonicos",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.2.6.0"
      },
      {
        "model": "sonicos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.5.1.4"
      },
      {
        "model": "sonicos",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.5.4.0."
      },
      {
        "model": "vxworks",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "windriver",
        "version": "7.0"
      },
      {
        "model": "hirschmann hios",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "belden",
        "version": "07.5.01"
      },
      {
        "model": "sonicos",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "5.9.0.0"
      },
      {
        "model": "e-series santricity os controller",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "netapp",
        "version": "8.40.50.00"
      },
      {
        "model": "sonicos",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.2.7.0"
      },
      {
        "model": "ruggedcom win7000",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "bs5.2.461.17"
      },
      {
        "model": "hirschmann hios",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "belden",
        "version": "07.2.04"
      },
      {
        "model": "sonicos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.2.7.4"
      },
      {
        "model": "hirschmann hios",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "belden",
        "version": "05.3.06"
      },
      {
        "model": "sonicos",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "5.9.1.0."
      },
      {
        "model": "ruggedcom win7200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "bs5.2.461.17"
      },
      {
        "model": "power meter 9810",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "garrettcom magnum dx940e",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "belden",
        "version": "1.0.1_y7"
      },
      {
        "model": "siprotec 5",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.59"
      },
      {
        "model": "sonicos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.2.7.7"
      },
      {
        "model": "vxworks",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "windriver",
        "version": "6.9.4.12"
      },
      {
        "model": "sonicos",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.2.0.0"
      },
      {
        "model": "sonicos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.5.2.3"
      },
      {
        "model": "e-series santricity os controller",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "netapp",
        "version": "8.00"
      },
      {
        "model": "sonicos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "5.9.1.12"
      },
      {
        "model": "sonicos",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.2.9.0"
      },
      {
        "model": "sonicos",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.5.1.0"
      },
      {
        "model": "sonicos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.2.9.2"
      },
      {
        "model": "power meter 9410",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.2.1"
      },
      {
        "model": "sonicos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.2.7.0"
      },
      {
        "model": "sonicos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.2.3.1"
      },
      {
        "model": "sonicos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.2.7.1"
      },
      {
        "model": "ruggedcom win7018",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "bs5.2.461.17"
      },
      {
        "model": "sonicos",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.2.4.0"
      },
      {
        "model": "sonicos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.5.3.3"
      },
      {
        "model": "sonicos",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.5.0.0"
      },
      {
        "model": "sonicos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.2.5.3"
      },
      {
        "model": "vxworks",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "windriver",
        "version": "6.5"
      },
      {
        "model": "ruggedcom win7025",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "bs5.2.461.17"
      },
      {
        "model": "sonicos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.2.4.3"
      },
      {
        "model": "sonicos",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.5.2.0"
      },
      {
        "model": "sonicos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.2.6.1"
      },
      {
        "model": "sonicos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "5.9.0.7"
      },
      {
        "model": "sonicos",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.5.3.0"
      },
      {
        "model": "siprotec 5",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.91"
      },
      {
        "model": "hirschmann hios",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "belden",
        "version": "07.0.07"
      },
      {
        "model": "sonicos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "sonicwall",
        "version": "6.5.4.3"
      },
      {
        "model": "e-series santricity os controller",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "siprotec 5",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sonicos",
        "scope": null,
        "trust": 0.8,
        "vendor": "sonicwall",
        "version": null
      },
      {
        "model": "vxworks",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a6\u30a4\u30f3\u30c9\u30ea\u30d0\u30fc\u682a\u5f0f\u4f1a\u793e",
        "version": null
      },
      {
        "model": "river systems wind river systems vxworks",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wind",
        "version": "6.9"
      },
      {
        "model": "river systems wind river systems vxworks",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wind",
        "version": "6.8"
      },
      {
        "model": "river systems wind river systems vxworks",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wind",
        "version": "6.7"
      },
      {
        "model": "river systems wind river systems vxworks",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wind",
        "version": "6.6"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "siprotec 5",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "vxworks",
        "version": "6.9.4"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "vxworks",
        "version": "7"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "e series santricity os controller",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sonicos",
        "version": "6.2.7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sonicos",
        "version": "6.2.7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sonicos",
        "version": "6.2.7.7"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "105f43dd-e73e-463b-843e-0f65bbf82737"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-25708"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007851"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-12263"
      }
    ]
  },
  "cve": "CVE-2019-12263",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2019-12263",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "id": "CNVD-2019-25708",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "id": "105f43dd-e73e-463b-843e-0f65bbf82737",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-143992",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.2,
            "id": "CVE-2019-12263",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "High",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.1,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2019-12263",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-12263",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-12263",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-25708",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201907-1493",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "105f43dd-e73e-463b-843e-0f65bbf82737",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-143992",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2019-12263",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "105f43dd-e73e-463b-843e-0f65bbf82737"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-25708"
      },
      {
        "db": "VULHUB",
        "id": "VHN-143992"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-12263"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007851"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201907-1493"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-12263"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition. Wind River VxWorks Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. The vulnerability stems from the improper handling of concurrent access when the network system or product is running and concurrent code needs to access shared resources mutually exclusive. There are currently no detailed details of the vulnerability provided. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. The following products and versions are affected: Wind River Systems VxWorks Version 7, Version 6.9, Version 6.8, Version 6.7, Version 6.6. A vulnerability in Wind River VxWorks could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition or execute arbitrary code on a targeted system. An attacker could exploit this vulnerability by sending crafted HTTP requests to the targeted system. A successful exploit could cause an Urgent Pointer state confusion, which could allow the malicious user to execute arbitrary code or cause a DoS condition on the targeted system",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-12263"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007851"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-25708"
      },
      {
        "db": "IVD",
        "id": "105f43dd-e73e-463b-843e-0f65bbf82737"
      },
      {
        "db": "VULHUB",
        "id": "VHN-143992"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-12263"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-12263",
        "trust": 4.2
      },
      {
        "db": "SIEMENS",
        "id": "SSA-352504",
        "trust": 1.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-189842",
        "trust": 1.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-632562",
        "trust": 1.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-274-01",
        "trust": 1.4
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-211-01",
        "trust": 1.4
      },
      {
        "db": "ICS CERT",
        "id": "ICSMA-19-274-01",
        "trust": 1.4
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201907-1493",
        "trust": 0.9
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-23-320-10",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-25708",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU92598492",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU92467308",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007851",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.3695.5",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ASB-2019.0224",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.3245",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.2856",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "105F43DD-E73E-463B-843E-0F65BBF82737",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-143992",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-12263",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "105f43dd-e73e-463b-843e-0f65bbf82737"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-25708"
      },
      {
        "db": "VULHUB",
        "id": "VHN-143992"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-12263"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007851"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201907-1493"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-12263"
      }
    ]
  },
  "id": "VAR-201908-0704",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "105f43dd-e73e-463b-843e-0f65bbf82737"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-25708"
      },
      {
        "db": "VULHUB",
        "id": "VHN-143992"
      }
    ],
    "trust": 1.4289024700000001
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "105f43dd-e73e-463b-843e-0f65bbf82737"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-25708"
      }
    ]
  },
  "last_update_date": "2024-11-23T19:29:10.277000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Security\u00a0Notices Siemens Siemens\u00a0Security\u00a0Advisory",
        "trust": 0.8,
        "url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
      },
      {
        "title": "Patch for Wind River Systems VxWorks Competition Conditional Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/172961"
      },
      {
        "title": "Wind River Systems VxWorks Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=95608"
      },
      {
        "title": "The Register",
        "trust": 0.2,
        "url": "https://www.theregister.co.uk/2019/07/29/wind_river_patches_vxworks/"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=1f919286ef48798d96223ef4d2143337"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=2dd69ca01b84b80e09672fedb1c26f51"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=99fa839be73f2df819a67c27caa912f8"
      },
      {
        "title": "Fortinet Security Advisories: Wind River VxWorks IPnet TCP/IP Stack Vulnerabilities (aka. URGENT/11)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories\u0026qid=FG-IR-19-222"
      },
      {
        "title": "urgent11-poc",
        "trust": 0.1,
        "url": "https://github.com/iweizime/urgent11-poc "
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-25708"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-12263"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007851"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201907-1493"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-362",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-787",
        "trust": 1.0
      },
      {
        "problemtype": "Buffer error (CWE-119) [NVD evaluation ]",
        "trust": 0.8
      },
      {
        "problemtype": "CWE-119",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-143992"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007851"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-12263"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=cve-2019-12263"
      },
      {
        "trust": 2.0,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-12263"
      },
      {
        "trust": 1.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
      },
      {
        "trust": 1.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
      },
      {
        "trust": 1.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
      },
      {
        "trust": 1.8,
        "url": "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2019-0009"
      },
      {
        "trust": 1.8,
        "url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
      },
      {
        "trust": 1.8,
        "url": "https://support.f5.com/csp/article/k41190253"
      },
      {
        "trust": 1.8,
        "url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
      },
      {
        "trust": 1.8,
        "url": "https://support2.windriver.com/index.php?page=security-notices"
      },
      {
        "trust": 1.4,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-274-01"
      },
      {
        "trust": 1.4,
        "url": "https://www.us-cert.gov/ics/advisories/icsma-19-274-01"
      },
      {
        "trust": 1.4,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-211-01"
      },
      {
        "trust": 0.9,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-10"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu92467308/"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu92598492/index.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/security-advisory-ipnet/security-advisory-ipnet.pdf"
      },
      {
        "trust": 0.6,
        "url": "https://www.tenable.com/blog/critical-vulnerabilities-dubbed-urgent11-place-devices-running-vxworks-at-risk-of-rce-attacks"
      },
      {
        "trust": 0.6,
        "url": "https://fortiguard.com/psirt/fg-ir-19-222"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.3695.5/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.2856/"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/wind-river-vxworks-multiple-vulnerabilities-via-ipnet-29905"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/asb-2019.0224/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.3245/"
      },
      {
        "trust": 0.1,
        "url": "https://support2.windriver.com/index.php?page=cve\u0026amp;on=view\u0026amp;id=cve-2019-12263"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/362.html"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/787.html"
      },
      {
        "trust": 0.1,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=60684"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/iweizime/urgent11-poc"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-25708"
      },
      {
        "db": "VULHUB",
        "id": "VHN-143992"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-12263"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007851"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201907-1493"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-12263"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "105f43dd-e73e-463b-843e-0f65bbf82737"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-25708"
      },
      {
        "db": "VULHUB",
        "id": "VHN-143992"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-12263"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007851"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201907-1493"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-12263"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-08-02T00:00:00",
        "db": "IVD",
        "id": "105f43dd-e73e-463b-843e-0f65bbf82737"
      },
      {
        "date": "2019-08-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-25708"
      },
      {
        "date": "2019-08-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-143992"
      },
      {
        "date": "2019-08-09T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-12263"
      },
      {
        "date": "2019-08-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-007851"
      },
      {
        "date": "2019-07-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201907-1493"
      },
      {
        "date": "2019-08-09T19:15:11.233000",
        "db": "NVD",
        "id": "CVE-2019-12263"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-08-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-25708"
      },
      {
        "date": "2019-09-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-143992"
      },
      {
        "date": "2022-08-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-12263"
      },
      {
        "date": "2023-11-21T01:23:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-007851"
      },
      {
        "date": "2022-03-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201907-1493"
      },
      {
        "date": "2024-11-21T04:22:31.140000",
        "db": "NVD",
        "id": "CVE-2019-12263"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201907-1493"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Wind\u00a0River\u00a0VxWorks\u00a0 Buffer error vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007851"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer error",
    "sources": [
      {
        "db": "IVD",
        "id": "105f43dd-e73e-463b-843e-0f65bbf82737"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201907-1493"
      }
    ],
    "trust": 0.8
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.