CVE-2015-3963
published 2015-08-04CVE-2015-3963: Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used…
PriorityP433medium5.8CVSS 2.0
AVNACMAuNCNIPAP
EPSS
3.74%
88.5th percentile
Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| windriver | vxworks | — | — |
| windriver | vxworks | — | — |
| windriver | vxworks | — | — |
| windriver | vxworks | — | — |
| windriver | vxworks | 6.5 – 6.6 | — |
| windriver | vxworks | >= 6.7 < 6.7.1.1 | 6.7.1.1 |
| windriver | vxworks | >= 6.8 < 6.8.3 | 6.8.3 |
| windriver | vxworks | >= 6.9 < 6.9.4.4 | 6.9.4.4 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Wind River VXWorks TCP Predictability Vulnerability in ICS Devices (Update B)
cisa_ics·2016-02-04
Wind River VXWorks TCP Predictability Vulnerability in ICS Devices (Update B)
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Wind River VXWorks TCP Predictability Vulnerability in ICS Devices (Update B)
Last RevisedFebruary 04, 2016
Alert CodeICSA-15-169-01B
## OVERVIEW
This updated advisory is a follow-up to the updated advisory titled ICSA-15-169-01A Wind River VxWorks TCP Predictability Vulnerability in ICS Devices that was published November 5, 2015, on the NCCIC/ICS-CERT web site.
Raheem Beyah, David Formby, and San Shin Jung of Georgia Tech, via a research project partially sponsored by the Georgia Tech National Electric Energy Testing Research and Applications Center, have identified a TCP pre
GHSA
GHSA-76ph-2hxx-gxwj: Wind River VxWorks before 5
ghsa_unreviewed·2022-05-13
CVE-2015-3963 [MEDIUM] CWE-330 GHSA-76ph-2hxx-gxwj: Wind River VxWorks before 5
Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01http://www.securityfocus.com/bid/75302http://www.securitytracker.com/id/1032730http://www.securitytracker.com/id/1033181https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01Ahttps://security.netapp.com/advisory/ntap-20160324-0001/http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01http://www.securityfocus.com/bid/75302http://www.securitytracker.com/id/1032730http://www.securitytracker.com/id/1033181https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01Ahttps://security.netapp.com/advisory/ntap-20160324-0001/
2015-08-04
Published