CVE-2019-12263

Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition.

CVSS v3 8.1 HIGH
CVSS v2.0 6.8 MEDIUM

8.1^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf	Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf	Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf	Third Party Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009	Third Party Advisory
https://security.netapp.com/advisory/ntap-20190802-0001/	Third Party Advisory
https://support.f5.com/csp/article/K41190253	Third Party Advisory
https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12263	Vendor Advisory
https://support2.windriver.com/index.php?page=security-notices	Issue Tracking Vendor Advisory
https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:windriver:vxworks::::::::
	cpe:2.3:o:windriver:vxworks:7.0:-::::::

Configuration 2 (hide)

OR	cpe:2.3:o:sonicwall:sonicos::::::::
	cpe:2.3:o:sonicwall:sonicos::::::::
	cpe:2.3:o:sonicwall:sonicos::::::::
	cpe:2.3:o:sonicwall:sonicos::::::::
	cpe:2.3:o:sonicwall:sonicos::::::::
	cpe:2.3:o:sonicwall:sonicos::::::::
	cpe:2.3:o:sonicwall:sonicos::::::::
	cpe:2.3:o:sonicwall:sonicos::::::::
	cpe:2.3:o:sonicwall:sonicos::::::::
	cpe:2.3:o:sonicwall:sonicos::::::::
	cpe:2.3:o:sonicwall:sonicos::::::::
	cpe:2.3:o:sonicwall:sonicos::::::::
	cpe:2.3:o:sonicwall:sonicos::::::::
	cpe:2.3:o:sonicwall:sonicos:6.2.7.0:::::::*
	cpe:2.3:o:sonicwall:sonicos:6.2.7.1:::::::*
	cpe:2.3:o:sonicwall:sonicos:6.2.7.7:::::::*

Configuration 3 (hide)

AND

cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200

cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300

cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:power_meter_9410:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:power_meter_9810:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:belden:hirschmann_ees20:-:::::::*
	cpe:2.3:h:belden:hirschmann_ees25:-:::::::*
	cpe:2.3:h:belden:hirschmann_eesx20:-:::::::*
	cpe:2.3:h:belden:hirschmann_eesx30:-:::::::*
	cpe:2.3:h:belden:hirschmann_grs1020:-:::::::*
	cpe:2.3:h:belden:hirschmann_grs1030:-:::::::*
	cpe:2.3:h:belden:hirschmann_grs1042:-:::::::*
	cpe:2.3:h:belden:hirschmann_grs1120:-:::::::*
	cpe:2.3:h:belden:hirschmann_grs1130:-:::::::*
	cpe:2.3:h:belden:hirschmann_grs1142:-:::::::*
	cpe:2.3:h:belden:hirschmann_msp30:-:::::::*
	cpe:2.3:h:belden:hirschmann_msp32:-:::::::*
	cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:::::::*
	cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:::::::*
	cpe:2.3:h:belden:hirschmann_red25:-:::::::*
	cpe:2.3:h:belden:hirschmann_rsp20:-:::::::*
	cpe:2.3:h:belden:hirschmann_rsp25:-:::::::*
	cpe:2.3:h:belden:hirschmann_rsp30:-:::::::*
	cpe:2.3:h:belden:hirschmann_rsp35:-:::::::*
	cpe:2.3:h:belden:hirschmann_rspe30:-:::::::*
	cpe:2.3:h:belden:hirschmann_rspe32:-:::::::*
	cpe:2.3:h:belden:hirschmann_rspe35:-:::::::*
	cpe:2.3:h:belden:hirschmann_rspe37:-:::::::*

Configuration 13 (hide)

AND

cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:belden:hirschmann_msp40:-:::::::*
	cpe:2.3:h:belden:hirschmann_octopus_os3:-:::::::*

Configuration 14 (hide)

AND

cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:::::::*
	cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:::::::*

Configuration 15 (hide)

AND

cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:belden:hirschmann_eagle_one:-:::::::*
	cpe:2.3:h:belden:hirschmann_eagle20:-:::::::*
	cpe:2.3:h:belden:hirschmann_eagle30:-:::::::*

Configuration 16 (hide)

AND

cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*

History

12 Aug 2022, 18:44

Type	Values Removed	Values Added
CPE	cpe:2.3:o:siemens:siprotec_5:-:::::::*

16 Jun 2022, 18:08

Type	Values Removed	Values Added
CPE		cpe:2.3:h:belden:hirschmann_grs1120:-:::::::* cpe:2.3:h:belden:hirschmann_eagle_one:-:::::::* cpe:2.3:h:belden:hirschmann_eagle20:-:::::::* cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:::::::* cpe:2.3:h:belden:hirschmann_grs1030:-:::::::* cpe:2.3:h:belden:hirschmann_ees20:-:::::::* cpe:2.3:h:belden:hirschmann_rspe32:-:::::::* cpe:2.3:h:belden:hirschmann_msp40:-:::::::* cpe:2.3:h:belden:hirschmann_rsp35:-:::::::* cpe:2.3:h:belden:hirschmann_grs1130:-:::::::* cpe:2.3:h:belden:hirschmann_octopus_os3:-:::::::* cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:::::::: cpe:2.3:h:belden:hirschmann_eesx20:-:::::::* cpe:2.3:h:belden:hirschmann_rspe37:-:::::::* cpe:2.3:h:belden:hirschmann_eesx30:-:::::::* cpe:2.3:o:belden:hirschmann_hios:::::::: cpe:2.3:h:belden:hirschmann_rsp30:-:::::::* cpe:2.3:h:belden:hirschmann_msp32:-:::::::* cpe:2.3:h:belden:hirschmann_grs1020:-:::::::* cpe:2.3:h:belden:hirschmann_ees25:-:::::::* cpe:2.3:h:belden:hirschmann_rsp25:-:::::::* cpe:2.3:h:belden:hirschmann_red25:-:::::::* cpe:2.3:h:belden:hirschmann_grs1142:-:::::::* cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:::::::* cpe:2.3:h:belden:hirschmann_msp30:-:::::::* cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:::::::* cpe:2.3:h:belden:hirschmann_rsp20:-:::::::* cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:::::::* cpe:2.3:h:belden:hirschmann_rspe30:-:::::::* cpe:2.3:h:belden:hirschmann_grs1042:-:::::::* cpe:2.3:h:belden:hirschmann_rspe35:-:::::::* cpe:2.3:h:belden:hirschmann_eagle30:-:::::::* cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:::::::*
First Time		Belden hirschmann Rspe30 Belden hirschmann Octopus Os3 Belden hirschmann Rspe32 Belden hirschmann Dragon Mach4500 Belden hirschmann Grs1030 Belden hirschmann Msp32 Belden hirschmann Rsp35 Belden hirschmann Grs1020 Belden hirschmann Grs1042 Belden hirschmann Rspe37 Belden hirschmann Rsp25 Belden hirschmann Rail Switch Power Lite Belden hirschmann Msp40 Belden hirschmann Ees20 Belden hirschmann Rspe35 Belden garrettcom Magnum Dx940e Firmware Belden hirschmann Eagle20 Belden Belden garrettcom Magnum Dx940e Belden hirschmann Ees25 Belden hirschmann Rsp20 Belden hirschmann Grs1130 Belden hirschmann Grs1120 Belden hirschmann Grs1142 Belden hirschmann Eagle30 Belden hirschmann Msp30 Belden hirschmann Eagle One Belden hirschmann Eesx30 Belden hirschmann Rsp30 Belden hirschmann Eesx20 Belden hirschmann Rail Switch Power Smart Belden hirschmann Red25 Belden hirschmann Hios Belden hirschmann Dragon Mach4000

10 Feb 2022, 20:07

Type	Values Removed	Values Added
References	~~(CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf -~~	(CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf - Third Party Advisory
References	~~(CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf -~~	(CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf - Third Party Advisory
CPE	cpe:2.3:o:windriver:vxworks:6.9.4:::::::* cpe:2.3:o:windriver:vxworks:7.0:::::::* cpe:2.3:o:netap:e-series_santricity_os_controller::::::::	cpe:2.3:o:siemens:ruggedcom_win7018_firmware:::::::: cpe:2.3:h:siemens:siprotec_5:-:::::::* cpe:2.3:o:siemens:power_meter_9810_firmware:::::::: cpe:2.3:o:windriver:vxworks:7.0:-:::::: cpe:2.3:o:netapp:e-series_santricity_os_controller:::::::: cpe:2.3:h:siemens:power_meter_9810:-:::::::* cpe:2.3:o:siemens:ruggedcom_win7025_firmware:::::::: cpe:2.3:h:siemens:ruggedcom_win7000:-:::::::* cpe:2.3:h:siemens:ruggedcom_win7200:-:::::::* cpe:2.3:o:siemens:ruggedcom_win7200_firmware:::::::: cpe:2.3:o:siemens:ruggedcom_win7000_firmware:::::::: cpe:2.3:h:siemens:ruggedcom_win7025:-:::::::* cpe:2.3:h:siemens:power_meter_9410:-:::::::* cpe:2.3:o:siemens:power_meter_9410_firmware:::::::: cpe:2.3:o:windriver:vxworks:::::::: cpe:2.3:h:siemens:ruggedcom_win7018:-:::::::*
First Time		Siemens ruggedcom Win7025 Siemens ruggedcom Win7025 Firmware Netapp e-series Santricity Os Controller Netapp Siemens ruggedcom Win7018 Firmware Siemens power Meter 9410 Siemens ruggedcom Win7018 Siemens power Meter 9810 Siemens ruggedcom Win7200 Firmware Siemens ruggedcom Win7000 Siemens power Meter 9410 Firmware Siemens ruggedcom Win7200 Siemens ruggedcom Win7000 Firmware Siemens power Meter 9810 Firmware

07 Sep 2021, 14:41

Type	Values Removed	Values Added
CPE	cpe:2.3:o:windriver:vxworks:7:::::::*	cpe:2.3:o:windriver:vxworks:7.0:::::::*
CWE	~~CWE-119~~	CWE-787 CWE-362

Information

Published : 2019-08-09 19:15

Updated : 2023-12-10 12:59

NVD link : CVE-2019-12263

Mitre link : CVE-2019-12263

CVE.ORG link : CVE-2019-12263

JSON object : View

Products Affected

belden

hirschmann_rsp25
hirschmann_msp32
hirschmann_ees25
hirschmann_rail_switch_power_lite
hirschmann_grs1142
hirschmann_rsp20
hirschmann_eesx30
hirschmann_grs1120
hirschmann_msp30
hirschmann_rspe35
hirschmann_rspe37
garrettcom_magnum_dx940e
hirschmann_dragon_mach4000
hirschmann_rspe30
hirschmann_eesx20
hirschmann_eagle20
hirschmann_eagle30
hirschmann_eagle_one
hirschmann_grs1130
hirschmann_rsp35
hirschmann_grs1042
hirschmann_octopus_os3
hirschmann_msp40
hirschmann_rspe32
hirschmann_rsp30
hirschmann_dragon_mach4500
hirschmann_rail_switch_power_smart
hirschmann_ees20
hirschmann_hios
hirschmann_grs1030
garrettcom_magnum_dx940e_firmware
hirschmann_grs1020
hirschmann_red25

siemens

power_meter_9810
siprotec_5_firmware
ruggedcom_win7025_firmware
ruggedcom_win7018
ruggedcom_win7200
siprotec_5
power_meter_9410_firmware
ruggedcom_win7000
power_meter_9410
ruggedcom_win7000_firmware
ruggedcom_win7018_firmware
ruggedcom_win7025
ruggedcom_win7200_firmware
power_meter_9810_firmware

windriver

vxworks

netapp

e-series_santricity_os_controller

sonicwall

sonicos

CWE

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-787

Out-of-bounds Write

8.1 /10

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.8 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2019-12263

8.1^/10

6.8^/10

Attach tags to `CVE-2019-12263`