Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value

CVE-2019-12256 - VxWorks IPv4 Options Buffer Overflow

Disclosure Date: August 09, 2019 (last updated February 13, 2020)
This vulnerability can be triggered by a specially crafted IP packet sent to the target device, even as a broadcast or multicast packet. It does not require any specific application or configuration to be running on the device, and it affects any device running VxWorks v6.9.4 or above with a network connection. The vulnerability causes a stack overflow in the handling of IP options in the IPv4 header, making it easy to reach RCE by it.
Attacker Value


Last updated October 30, 2019
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.