CVE-2022-23937 — Vulnetix

CVE-2022-23937 PUBLISHED

Es existiert eine Schwachstelle in Wind River VxWorks. Der Fehler besteht aufgrund eines Out-of-bounds-Read während eines initialen IKE-Austauschs. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.

EPSS 0.18% · 40.0th percentile

Risk Scores

EPSS Score

0.18%

40.0th percentile

Affected Products

Vendor	Product	Versions
Wind River	Wind River VxWorks 7
Hitachi Energy	Hitachi Energy RTU500
Wind River	Wind River VxWorks 6.9

Exploit Intelligence

https://support2.windriver.com/index.php?page=security-notices (circl)
https://support2.windriver.com/index.php?page=cve&pg=21#list (circl)

Timeline

Mar 28, 2022 CVE Published
Mar 29, 2022 EPSS Score
Apr 6, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 9, 2022 EPSS Score
Aug 29, 2022 EPSS Score
Oct 19, 2022 EPSS Score
Dec 9, 2022 EPSS Score
Jan 29, 2023 EPSS Score
Mar 20, 2023 EPSS Score
May 10, 2023 EPSS Score
Jun 30, 2023 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-2190.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2190 advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000153-CSAF&LanguageCode=en&DocumentPartId=&Action=Launch advisory
https://nvd.nist.gov/vuln/detail/CVE-2022-23937 advisory

Open in Interactive Console →