CVE-2019-7711

HIGH

Green Hills INTEGRITY RTOS 5.0.4 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2019-7711. PoCs published by kaleth4, mbanyamer.

AI-analyzed exploit summary The repository contains a functional exploit for CVE-2019-7711, a format string vulnerability in Green Hills INTEGRITY RTOS 5.0.4's Telnet service, allowing remote information leakage and potential control flow hijacking via crafted format strings.

Description

An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. The undocumented shell command "prompt" sets the (user controlled) shell's prompt value, which is used as a format string input to printf, resulting in an information leak of memory addresses.

Exploits (2)

nomisec WORKING POC

by kaleth4 · poc

https://github.com/kaleth4/CVE-2019-7711

View Code ZIP pw:eip

The repository contains a functional exploit for CVE-2019-7711, a format string vulnerability in Green Hills INTEGRITY RTOS 5.0.4's Telnet service, allowing remote information leakage and potential control flow hijacking via crafted format strings.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Green Hills INTEGRITY RTOS 5.0.4 (IPCOMShell/Telnet)

Auth required

Prerequisites: Telnet access to the target system · Valid credentials for authentication

MITRE ATT&CK

T1005 - Data from Local System T1552 - Unsecured Credentials

devstral-2 · analyzed May 19, 2026 Full analysis →

nomisec WORKING POC

by mbanyamer · poc

https://github.com/mbanyamer/RTOS-F-16-Exploit---CVE-2019-7711

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2019-7711, a format string vulnerability in Green Hills INTEGRITY RTOS 5.0.4. The exploit demonstrates a full attack chain targeting the F-16 avionics system during ground maintenance, including memory leak, arbitrary write, and control flow hijack.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Green Hills INTEGRITY RTOS 5.0.4 with Interpeak IPCOMShell

Auth required

Prerequisites: Access to vulnerable TELNET maintenance interface · Valid credentials (admin/password)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed May 19, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory x_refsource_misc

https://github.com/bl4ckic3/GHS-Bugs

Vendor Advisory x_refsource_misc

https://www.ghs.com/products/rtos/integrity.html

Scores

CVSS v3 7.5

EPSS 0.0149

EPSS Percentile 70.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-134

Status published

Products (1)

ghs/integrity_rtos 5.0.4

Published Mar 26, 2019

Tracked Since Feb 18, 2026