Intrusion Prevention

Wind.River.VxWorks.IP.Option.Handling.Stack.Overflow

Description

This indicates an attempt to exploit a Stack Overflow Vulnerability in Wind River VxWorks System.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted packet. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted packet.

Affected Products

VxWorks 6.9
VxWorks 7

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/

CVE References

CVE-2019-12256