CVE-2019-12262

CRITICAL EPSS 89.5%
Published Aug 14, 20196y ago · Modified Jun 17, 20262w ago
9.8 CVSS 3.1
Critical
Find Similar
Published Aug 14, 2019 6y ago
Last Modified Jun 17, 2026 2w ago

Description

Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw).

CVSS Details

Base Score
9.8
Exploitability
3.9
Impact
5.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
89.5% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Affected Products 49

VendorProductVersionRange
windrivervxworks6.6any
windrivervxworks6.7any
windrivervxworks6.8any
windrivervxworks6.9any
windrivervxworks7.0any
beldenhirschmann_hios* ≤07.0.07
beldenhirschmann_ees20*any
beldenhirschmann_ees25*any
beldenhirschmann_eesx20*any
beldenhirschmann_eesx30*any
beldenhirschmann_grs1020*any
beldenhirschmann_grs1030*any
beldenhirschmann_grs1042*any
beldenhirschmann_grs1120*any
beldenhirschmann_grs1130*any
beldenhirschmann_grs1142*any
beldenhirschmann_msp30*any
beldenhirschmann_msp32*any
beldenhirschmann_rail_switch_power_lite*any
beldenhirschmann_rail_switch_power_smart*any
beldenhirschmann_red25*any
beldenhirschmann_rsp20*any
beldenhirschmann_rsp25*any
beldenhirschmann_rsp30*any
beldenhirschmann_rsp35*any
beldenhirschmann_rspe30*any
beldenhirschmann_rspe32*any
beldenhirschmann_rspe35*any
beldenhirschmann_rspe37*any
beldenhirschmann_hios* ≤07.5.01
beldenhirschmann_msp40*any
beldenhirschmann_octopus_os3*any
beldenhirschmann_hios* ≤07.2.04
beldenhirschmann_dragon_mach4000*any
beldenhirschmann_dragon_mach4500*any
beldenhirschmann_hios* ≤05.3.06
beldenhirschmann_eagle_one*any
beldenhirschmann_eagle20*any
beldenhirschmann_eagle30*any
beldengarrettcom_magnum_dx940e_firmware* ≤1.0.1_y7
beldengarrettcom_magnum_dx940e*any
siemensruggedcom_win7000_firmware* <bs5.2.461.17
siemensruggedcom_win7000*any
siemensruggedcom_win7018_firmware* <bs5.2.461.17
siemensruggedcom_win7018*any
siemensruggedcom_win7025_firmware* <bs5.2.461.17
siemensruggedcom_win7025*any
siemensruggedcom_win7200_firmware* <bs5.2.461.17
siemensruggedcom_win7200*any

References 4

  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf
    Third Party Advisory
  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf
    Third Party Advisory
  • support.f5.com https://support.f5.com/csp/article/K41190253
    Third Party Advisory
  • support2.windriver.com https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12262
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.