Home

CVE-2019-9865

Description

When RPC is enabled in Wind River VxWorks 6.9 prior to 6.9.1, a specially crafted RPC request can trigger an integer overflow leading to an out-of-bounds memory copy. It may allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code.

Risk Information

Base Score
8.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.771

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Wind River VxWorks 6.8Windows
Multiple Vulnerabilities are affected in Wind River VxWorks 6.6Windows
Multiple Vulnerabilities are affected in Wind River VxWorks 6.7Windows
Multiple Vulnerabilities are affected in Wind River VxWorks 6.9Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234