cbcvebase.
CVE-2019-12259
published 2019-08-09

CVE-2019-12259: Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL…

PriorityP343high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
15.88%
96.5th percentile
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing.

Affected

31 ranges· showing 25
VendorProductVersion rangeFixed in
beldengarrettcom_magnum_dx940e_firmware<= 1.0.1_y7
beldenhirschmann_hios<= 07.0.07
beldenhirschmann_hios<= 07.5.01
beldenhirschmann_hios<= 07.2.04
beldenhirschmann_hios<= 05.3.06
siemens9410_power_meter_firmware< 2.2.12.2.1
siemens9810_power_meter_firmware< 2.2.12.2.1
siemensruggedcom_win7000_firmware< bs5.2.461.17bs5.2.461.17
siemensruggedcom_win7018_firmware< bs5.2.461.17bs5.2.461.17
siemensruggedcom_win7025_firmware< bs5.2.461.17bs5.2.461.17
siemensruggedcom_win7200_firmware< bs5.2.461.17bs5.2.461.17
siemenssiprotec_5_firmware< 7.597.59
siemenssiprotec_5_firmware< 7.917.91
sonicwallsonicos
sonicwallsonicos
sonicwallsonicos
sonicwallsonicos5.9.0.0 – 5.9.0.7
sonicwallsonicos5.9.1.0. – 5.9.1.12
sonicwallsonicos6.2.0.0 – 6.2.3.1
sonicwallsonicos6.2.4.0 – 6.2.4.3
sonicwallsonicos6.2.5.0 – 6.2.5.3
sonicwallsonicos6.2.6.0 – 6.2.6.1
sonicwallsonicos6.2.7.0 – 6.2.7.4
sonicwallsonicos6.2.9.0 – 6.2.9.2
sonicwallsonicos6.5.0.0 – 6.5.0.3

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.