2. Four RCE vulnerabilities in the TCP layer (CVE-2019-12255, CVE-2019-12260, CVE-2019-12261 & CVE-2019-12263)
3. One RCE vulnerability in the IPnet’s built-in DHCP client, ipdhcpc (CVE-2019-12257)
The astrologers have proclaimed a week of decline in the population of unfrightened idiots. Besides, it is telling that the holes were found by an outside firm on its own initiative (i.e. not one hired for a pentest).
The impact of serious vulnerabilities in popular RTOSs is great and not well understood to date. On top of all that, the codebases of those RTOSs are usually closed source and, in most cases, receive little security research.
URGENT/11 is a set of 11 vulnerabilities found to affect IPnet, VxWorks’ TCP/IP stack. Six of the vulnerabilities are classified as critical and enable Remote Code Execution (RCE).
The wide range of affected versions, spanning the last 13 years, is a rare occurrence in the cyber arena and is the result of VxWorks’ relative obscurity in the research community. This timespan might be even longer, as according to Wind River, three of the vulnerabilities already existed in IPnet when it was acquired from Interpeak in 2006.