CVE-2019-12255
CRITICAL EPSS 99.5%
Published Aug 9, 2019 (6y ago) · Modified Jun 17, 2026 (2w ago)
9.8 CVSS 3.1
Description
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
99.5% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-120
Affected Products 72
| Vendor | Product | Version | Range |
|---|---|---|---|
| windriver | vxworks | * | ≥6.5 – <6.9.4 |
| netapp | e-series_santricity_os_controller | * | ≥8.00 – ≤8.40.50.00 |
| sonicwall | sonicos | * | ≥5.9.0.0 – ≤5.9.0.7 |
| sonicwall | sonicos | * | ≥5.9.1.0. – ≤5.9.1.12 |
| sonicwall | sonicos | * | ≥6.2.0.0 – ≤6.2.3.1 |
| sonicwall | sonicos | * | ≥6.2.4.0 – ≤6.2.4.3 |
| sonicwall | sonicos | * | ≥6.2.5.0 – ≤6.2.5.3 |
| sonicwall | sonicos | * | ≥6.2.6.0 – ≤6.2.6.1 |
| sonicwall | sonicos | * | ≥6.2.7.0 – ≤6.2.7.4 |
| sonicwall | sonicos | * | ≥6.2.9.0 – ≤6.2.9.2 |
| sonicwall | sonicos | * | ≥6.5.0.0 – ≤6.5.0.3 |
| sonicwall | sonicos | * | ≥6.5.1.0 – ≤6.5.1.4 |
| sonicwall | sonicos | * | ≥6.5.2.0 – ≤6.5.2.3 |
| sonicwall | sonicos | * | ≥6.5.3.0 – ≤6.5.3.3 |
| sonicwall | sonicos | * | ≥6.5.4.0. – ≤6.5.4.3 |
| sonicwall | sonicos | 6.2.7.0 | any |
| sonicwall | sonicos | 6.2.7.1 | any |
| sonicwall | sonicos | 6.2.7.7 | any |
| siemens | siprotec_5_firmware | * | <7.91 |
| siemens | siprotec_5 | * | any |
| siemens | siprotec_5_firmware | * | any |
| siemens | siprotec_5 | * | any |
| siemens | siprotec_5_firmware | * | any |
| siemens | siprotec_5 | * | any |
| siemens | power_meter_9410_firmware | * | <2.2.1 |
| siemens | power_meter_9410 | * | any |
| siemens | power_meter_9810_firmware | * | any |
| siemens | power_meter_9810 | * | any |
| siemens | ruggedcom_win7000_firmware | * | <bs5.2.461.17 |
| siemens | ruggedcom_win7000 | * | any |
| siemens | ruggedcom_win7018_firmware | * | <bs5.2.461.17 |
| siemens | ruggedcom_win7018 | * | any |
| siemens | ruggedcom_win7025_firmware | * | <bs5.2.461.17 |
| siemens | ruggedcom_win7025 | * | any |
| siemens | ruggedcom_win7200_firmware | * | <bs5.2.461.17 |
| siemens | ruggedcom_win7200 | * | any |
| belden | hirschmann_hios | * | ≤07.0.07 |
| belden | hirschmann_ees20 | * | any |
| belden | hirschmann_ees25 | * | any |
| belden | hirschmann_eesx20 | * | any |
| belden | hirschmann_eesx30 | * | any |
| belden | hirschmann_grs1020 | * | any |
| belden | hirschmann_grs1030 | * | any |
| belden | hirschmann_grs1042 | * | any |
| belden | hirschmann_grs1120 | * | any |
| belden | hirschmann_grs1130 | * | any |
| belden | hirschmann_grs1142 | * | any |
| belden | hirschmann_msp30 | * | any |
| belden | hirschmann_msp32 | * | any |
| belden | hirschmann_rail_switch_power_lite | * | any |
| belden | hirschmann_rail_switch_power_smart | * | any |
| belden | hirschmann_red25 | * | any |
| belden | hirschmann_rsp20 | * | any |
| belden | hirschmann_rsp25 | * | any |
| belden | hirschmann_rsp30 | * | any |
| belden | hirschmann_rsp35 | * | any |
| belden | hirschmann_rspe30 | * | any |
| belden | hirschmann_rspe32 | * | any |
| belden | hirschmann_rspe35 | * | any |
| belden | hirschmann_rspe37 | * | any |
| belden | hirschmann_hios | * | ≤07.5.01 |
| belden | hirschmann_msp40 | * | any |
| belden | hirschmann_octopus_os3 | * | any |
| belden | hirschmann_hios | * | ≤07.2.04 |
| belden | hirschmann_dragon_mach4000 | * | any |
| belden | hirschmann_dragon_mach4500 | * | any |
| belden | hirschmann_hios | * | ≤05.3.06 |
| belden | hirschmann_eagle_one | * | any |
| belden | hirschmann_eagle20 | * | any |
| belden | hirschmann_eagle30 | * | any |
| belden | garrettcom_magnum_dx940e_firmware | * | ≤1.0.1_y7 |
| belden | garrettcom_magnum_dx940e | * | any |
References 11
- packetstormsecurity.com http://packetstormsecurity.com/files/154022/VxWorks-6.8-Integer-Underflow.html
- cert-portal.siemens.com https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf
- cert-portal.siemens.com https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf
- cert-portal.siemens.com https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf
- psirt.global.sonicwall.com https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009
- security.netapp.com https://security.netapp.com/advisory/ntap-20190802-0001/
- support.f5.com https://support.f5.com/csp/article/K41190253
- support.f5.com https://support.f5.com/csp/article/K41190253?utm_source=f5support&%3Butm_medium=RSS
- support2.windriver.com https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12255
- support2.windriver.com https://support2.windriver.com/index.php?page=security-notices
- windriver.com https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.