CVE-2019-12258

Published: 09/08/2019 Updated: 12/08/2022
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 581
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is an IPNET security vulnerability: DoS of TCP connection via malformed TCP options.

Vulnerable Product

windriver vxworks 7.0

windriver vxworks

sonicwall sonicos

sonicwall sonicos 6.2.7.1

sonicwall sonicos 6.2.7.7

sonicwall sonicos 6.2.7.0

siemens siprotec_5_firmware

netapp e-series santricity os controller

siemens power_meter_9410_firmware

siemens power_meter_9810_firmware

siemens ruggedcom_win7000_firmware

siemens ruggedcom_win7018_firmware

siemens ruggedcom_win7025_firmware

siemens ruggedcom_win7200_firmware

belden hirschmann_hios

belden garrettcom_magnum_dx940e_firmware

Exploits

This module detects VxWorks and the IPnet IP stack, along with devices vulnerable to CVE-2019-12258 ...

Metasploit Modules

URGENT/11 Scanner, Based on Detection Tool by Armis

This module detects VxWorks and the IPnet IP stack, along with devices vulnerable to CVE-2019-12258.

msf > use auxiliary/scanner/vxworks/urgent11_check
msf auxiliary(urgent11_check) > show actions
    ...actions...
msf auxiliary(urgent11_check) > set ACTION <action-name>
msf auxiliary(urgent11_check) > show options
    ...show and set options...
msf auxiliary(urgent11_check) > run

Github Repositories

URGENT/11 detection tool by Armis

urgent11-detector is a tool to detect whether a device is running the Interpeak IPnet TCP/IP stack, and is thus at risk from the URGENT/11 vulnerabilities. Motivation: In light of recent discoveries (see armis.com/urgent11), we decided to develop a tool designed to detect whether a device is using Interpeak's IPnet TCP/IP stack, regardless of the R

Suricata LUA scripts to detect CVE-2019-12255, CVE-2019-12256, CVE-2019-12258, and CVE-2019-12260

Urgent11-Suricata-LUA-scripts: Suricata LUA scripts to detect CVE-2019-12255, CVE-2019-12256, CVE-2019-12258, and CVE-2019-12260. CVE-2019-12255: The script checks for CVE-2019-12255, the packet that is checked needs to have the PSH, ACK, and URG flags set, and have a payload size that exceeds 1500 bytes. It then checks if the value of the urgent pointer is set to 0, this will cau

Recent Articles

Oh sh*t's, 11: VxWorks stars in today's security thriller – hijack bugs discovered in countless gadgets' network code
The Register • Shaun Nichols in San Francisco • 29 Jul 2019

Equipment in hospitals, factories, offices, etc potentially vulnerable to attack

Wind River has patched 11 security vulnerabilities in VxWorks that can be potentially exploited over networks or the internet to commandeer all sorts of equipment dotted around the planet. This real-time operating system powers car electronics, factory robots and controllers, aircraft and spacecraft, wireless routers, medical equipment, digital displays, and plenty of other stuff – so if you deploy a vulnerable version of VxWorks, and it is network or internet-connected, you definitely want to...