CVE-2019-12261: Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent…

critical9.8CVSS 3.1

AVNACLPRNUINSUCHIHAH

Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.

Affected

32 ranges· showing 25

Vendor	Product	Version range	Fixed in
belden	garrettcom_magnum_dx940e_firmware	<= 1.0.1_y7	—
belden	hirschmann_hios	<= 07.0.07	—
belden	hirschmann_hios	<= 07.5.01	—
belden	hirschmann_hios	<= 07.2.04	—
belden	hirschmann_hios	<= 05.3.06	—
netapp	e-series_santricity_os_controller	8.00 – 8.40.50.00	—
oracle	communications_eagle	46.6.0 – 46.8.2	—
siemens	power_meter_9410_firmware	< 2.2.1	2.2.1
siemens	ruggedcom_win7000_firmware	< bs5.2.461.17	bs5.2.461.17
siemens	ruggedcom_win7018_firmware	< bs5.2.461.17	bs5.2.461.17
siemens	ruggedcom_win7025_firmware	< bs5.2.461.17	bs5.2.461.17
siemens	ruggedcom_win7200_firmware	< bs5.2.461.17	bs5.2.461.17
siemens	siprotec_5_firmware	< 7.59	7.59
siemens	siprotec_5_firmware	< 7.91	7.91
sonicwall	sonicos	—	—
sonicwall	sonicos	—	—
sonicwall	sonicos	—	—
sonicwall	sonicos	5.9.0.0 – 5.9.0.7	—
sonicwall	sonicos	5.9.1.0. – 5.9.1.12	—
sonicwall	sonicos	6.2.0.0 – 6.2.3.1	—
sonicwall	sonicos	6.2.4.0 – 6.2.4.3	—
sonicwall	sonicos	6.2.5.0 – 6.2.5.3	—
sonicwall	sonicos	6.2.6.0 – 6.2.6.1	—
sonicwall	sonicos	6.2.7.0 – 6.2.7.4	—
sonicwall	sonicos	6.2.9.0 – 6.2.9.2	—