#VU19588 Memory leak in VxWorks - CVE-2019-12265

Cybersecurity Help s.r.o.

Published: 2019-07-31 | Updated: 2023-01-03

Vulnerability identifier: #VU19588

Vulnerability risk: Low

CVSSv4.0: 5.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/U:Clear]

CVE-ID: CVE-2019-12265

CWE-ID: CWE-401

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
VxWorks
Operating systems & Components / Operating system

Vendor: Wind River Systems, Inc.

Description
The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due memory leak when processing IGMPv3 packets. A remote attacker can create a fragmented IGMPv3 query report and read memory contents in the response message.

Mitigation

Install updates from vendor's website.

The vulnerability is fixed in VxWorks 6.9 and 7.

Vulnerable software versions

VxWorks: 6.6 - 7

External links
https://ics-cert.us-cert.gov/advisories/icsa-19-211-01
https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12265

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Siemens SIPROTEC 4 7SJ66 Devices

Multiple vulnerabilities in Wind River VxWorks