CVE-2019-12260

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2019-12260
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf Third Party Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009 Third Party Advisory
https://security.netapp.com/advisory/ntap-20190802-0001/ Third Party Advisory
https://support.f5.com/csp/article/K41190253 Third Party Advisory
https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12260 Vendor Advisory
https://support2.windriver.com/index.php?page=security-notices Issue Tracking Vendor Advisory
https://www.oracle.com//security-alerts/cpujul2021.html Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2020.html Third Party Advisory
https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/ Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*
cpe:2.3:o:windriver:vxworks:7.0:-:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200
cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300
cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:power_meter_9410:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:power_meter_9810:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*

Configuration 12 (hide)

cpe:2.3:a:oracle:communications_eagle:*:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*
OR cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*
OR cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*
OR cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*
OR cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*
History

12 Aug 2022, 18:44

Type Values Removed Values Added
CPE cpe:2.3:o:siemens:siprotec_5:-:*:*:*:*:*:*:*

16 Jun 2022, 18:07

Type Values Removed Values Added
CPE cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*
cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*
cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*
cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*
First Time Belden hirschmann Rspe30
Belden hirschmann Octopus Os3
Belden hirschmann Rspe32
Belden hirschmann Dragon Mach4500
Belden hirschmann Grs1030
Belden hirschmann Msp32
Belden hirschmann Rsp35
Belden hirschmann Grs1020
Belden hirschmann Grs1042
Belden hirschmann Rspe37
Belden hirschmann Rsp25
Belden hirschmann Rail Switch Power Lite
Belden hirschmann Msp40
Belden hirschmann Ees20
Belden hirschmann Rspe35
Belden garrettcom Magnum Dx940e Firmware
Belden hirschmann Eagle20
Belden
Belden garrettcom Magnum Dx940e
Belden hirschmann Ees25
Belden hirschmann Rsp20
Belden hirschmann Grs1130
Belden hirschmann Grs1120
Belden hirschmann Grs1142
Belden hirschmann Eagle30
Belden hirschmann Msp30
Belden hirschmann Eagle One
Belden hirschmann Eesx30
Belden hirschmann Rsp30
Belden hirschmann Eesx20
Belden hirschmann Rail Switch Power Smart
Belden hirschmann Red25
Belden hirschmann Hios
Belden hirschmann Dragon Mach4000

10 Feb 2022, 20:05

Type Values Removed Values Added
First Time Siemens ruggedcom Win7025
Siemens ruggedcom Win7025 Firmware
Netapp e-series Santricity Os Controller
Oracle
Netapp
Siemens ruggedcom Win7018 Firmware
Siemens power Meter 9410
Siemens ruggedcom Win7018
Siemens power Meter 9810
Siemens ruggedcom Win7200 Firmware
Siemens ruggedcom Win7000
Siemens power Meter 9410 Firmware
Siemens ruggedcom Win7200
Oracle communications Eagle
Siemens ruggedcom Win7000 Firmware
Siemens power Meter 9810 Firmware
CWE CWE-787 CWE-120
CPE cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*
cpe:2.3:o:windriver:vxworks:7.0:*:*:*:*:*:*:*
cpe:2.3:o:netap:e-series_santricity_os_controller:*:*:*:*:*:*:*:*		 cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_eagle:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:windriver:vxworks:7.0:-:*:*:*:*:*:*
cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:power_meter_9810:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:power_meter_9410:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*
References (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf - (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf - Third Party Advisory
References (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf - (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf - Third Party Advisory
References (N/A) https://www.oracle.com//security-alerts/cpujul2021.html - (N/A) https://www.oracle.com//security-alerts/cpujul2021.html - Third Party Advisory
References (MISC) https://www.oracle.com/security-alerts/cpuoct2020.html - (MISC) https://www.oracle.com/security-alerts/cpuoct2020.html - Third Party Advisory

07 Sep 2021, 14:41

Type Values Removed Values Added
References
  • (N/A) https://www.oracle.com//security-alerts/cpujul2021.html -
CPE cpe:2.3:o:windriver:vxworks:7:*:*:*:*:*:*:* cpe:2.3:o:windriver:vxworks:7.0:*:*:*:*:*:*:*
CWE CWE-119 CWE-787

20 Jul 2021, 23:15

Type Values Removed Values Added
CPE cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*
Information

Published : 2019-08-09 21:15

Updated : 2023-12-10 12:59

NVD link : CVE-2019-12260

Mitre link : CVE-2019-12260

CVE.ORG link : CVE-2019-12260

JSON object : View

Products Affected

belden

  • hirschmann_rsp25
  • hirschmann_msp32
  • hirschmann_ees25
  • hirschmann_rail_switch_power_lite
  • hirschmann_grs1142
  • hirschmann_rsp20
  • hirschmann_eesx30
  • hirschmann_grs1120
  • hirschmann_msp30
  • hirschmann_rspe35
  • hirschmann_rspe37
  • garrettcom_magnum_dx940e
  • hirschmann_dragon_mach4000
  • hirschmann_rspe30
  • hirschmann_eesx20
  • hirschmann_eagle20
  • hirschmann_eagle30
  • hirschmann_eagle_one
  • hirschmann_grs1130
  • hirschmann_rsp35
  • hirschmann_grs1042
  • hirschmann_octopus_os3
  • hirschmann_msp40
  • hirschmann_rspe32
  • hirschmann_rsp30
  • hirschmann_dragon_mach4500
  • hirschmann_rail_switch_power_smart
  • hirschmann_ees20
  • hirschmann_hios
  • hirschmann_grs1030
  • garrettcom_magnum_dx940e_firmware
  • hirschmann_grs1020
  • hirschmann_red25

oracle

  • communications_eagle

siemens

  • power_meter_9810
  • siprotec_5_firmware
  • ruggedcom_win7025_firmware
  • ruggedcom_win7018
  • ruggedcom_win7200
  • siprotec_5
  • power_meter_9410_firmware
  • ruggedcom_win7000
  • power_meter_9410
  • ruggedcom_win7000_firmware
  • ruggedcom_win7018_firmware
  • ruggedcom_win7025
  • ruggedcom_win7200_firmware
  • power_meter_9810_firmware

windriver

  • vxworks

netapp

  • e-series_santricity_os_controller

sonicwall

  • sonicos
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')