cbcvebase.
CVE-2019-12264
published 2019-08-05

CVE-2019-12264: Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component.

PriorityP337high7.1CVSS 3.1
AVAACLPRNUINSUCNILAH
EPSS
8.31%
94.2th percentile
Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component.

Affected

15 ranges
VendorProductVersion rangeFixed in
beldengarrettcom_magnum_dx940e_firmware<= 1.0.1_y7
beldenhirschmann_hios<= 07.0.07
beldenhirschmann_hios<= 07.5.01
beldenhirschmann_hios<= 07.2.04
beldenhirschmann_hios<= 05.3.06
siemensruggedcom_win7000_firmware< bs5.2.461.17bs5.2.461.17
siemensruggedcom_win7018_firmware< bs5.2.461.17bs5.2.461.17
siemensruggedcom_win7025_firmware< bs5.2.461.17bs5.2.461.17
siemensruggedcom_win7200_firmware< bs5.2.461.17bs5.2.461.17
windrivervxworks
windrivervxworks
windrivervxworks
windrivervxworks
windrivervxworks
windrivervxworks

CVSS provenance

nvdv3.17.1HIGHCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
nvdv2.04.8MEDIUMAV:A/AC:L/Au:N/C:N/I:P/A:P
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.