Intrusion Prevention

Wind.River.VxWorks.AO-Option.Urgent.Pointer.Integer.Underflow

Description

This indicates an attack attempt against an Integer Underflow Vulnerability on Wind River VxWorks System.
The vulnerability is due to the application failing to perform adequate boundary checks on user supplied data. A remote attacker may be able to exploit this to execute arbitrary code within the system via a crafted request.

Affected Products

VxWorks 7
VxWorks 6.9.3

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12260

CVE References

CVE-2019-12260