Vulnerability in N/a
CVE-2019-12255
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.
EPSS: 0.822 (99.2th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
Public proof-of-concept exploits
References
- support2.windriver.com/index.php (x_refsource_MISC)
- psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009 (x_refsource_CONFIRM)
- cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf (x_refsource_CONFIRM)
- security.netapp.com/advisory/ntap-20190802-0001/ (x_refsource_CONFIRM)
- www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/ (x_refsource_CONFIRM)
- support2.windriver.com/index.php (x_refsource_MISC)
- packetstormsecurity.com/files/154022/VxWorks-6.8-Integer-Underflow.html (x_refsource_MISC)
- support.f5.com/csp/article/K41190253 (x_refsource_CONFIRM)
- cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf (x_refsource_CONFIRM)
- support.f5.com/csp/article/K41190253 (x_refsource_CONFIRM)
Frequently asked questions
- What is CVE-2019-12255?
- CVE-2019-12255 is a vulnerability in N/a. Published 2019-08-09.
- Is CVE-2019-12255 known to be exploited?
- 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.