Description
An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_misc
https://support2.windriver.com/index.php?page=security-notices
Third Party Advisory x_refsource_confirm
https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf
Third Party Advisory, US Government Resource x_refsource_misc
https://us-cert.cisa.gov/ics/advisories/icsa-21-194-12
Third Party Advisory x_refsource_confirm
https://cert-portal.siemens.com/productcert/pdf/ssa-910883.pdf
Scores
CVSS v3
9.8
EPSS
0.0081
EPSS Percentile
74.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (36)
siemens/ruggedcom_win_subscriber_station_firmware
siemens/scalance_x200-4_p_irt_firmware
siemens/scalance_x201-3p_irt_firmware
siemens/scalance_x201-3p_irt_pro_firmware
siemens/scalance_x202-2_irt_firmware
siemens/scalance_x202-2p_irt_firmware
siemens/scalance_x202-2p_irt_pro_firmware
siemens/scalance_x204-2_firmware
siemens/scalance_x204-2fm_firmware
siemens/scalance_x204-2ld_firmware
... and 26 more
Published
Apr 13, 2021
Tracked Since
Feb 18, 2026