VDB
CVE-2010-2965
CVE-2010-2965
PUBLISHED
CVSS 10 CRITICAL
The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804.
EPSS 92.35% · 99.7th percentile
Risk Scores
CVSS 2.0
10
EPSS Score
92.35%
99.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| windriver | vxworks | 0 |
| rockwellautomation | 1756-enbt\/a_firmware | 3.6.1, 3.2.6 |
Timeline
- Aug 2, 2010 CVE Published
- Aug 2, 2010 PoC Published
- Feb 4, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Oct 30, 2023 EPSS Score
References
- http://www.kb.cert.org/vuls/id/MAPG-86FPQL url
- http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735 url
- VU#362332 third-party-advisory
- https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708 url
- http://www.kb.cert.org/vuls/id/MAPG-86EPFA url
- http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html url
- http://seclists.org/fulldisclosure/2025/Jan/10 url
- https://nvd.nist.gov/vuln/detail/CVE-2010-2965 advisory