Description
Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/75302
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032730
Patch, Third Party Advisory x_refsource_confirm
http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033181
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20160324-0001/
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01
Scores
EPSS
0.0374
EPSS Percentile
88.4%
Details
CWE
CWE-330
Status
published
Products (5)
windriver/vxworks
6.6.3
windriver/vxworks
6.6.4
windriver/vxworks
6.6.4.1
windriver/vxworks
7.0
windriver/vxworks
6.5 - 6.6
Published
Aug 04, 2015
Tracked Since
Feb 18, 2026