CVE-2021-43268

MEDIUM

VxWorks <7 - Memory Corruption

Title source: llm

Description

An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted packet may lead to reading beyond the end of a buffer, or a double free.

References (1)

[Vendor Advisory] https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2021-43268

Scores

CVSS v3 6.5

EPSS 0.0014

EPSS Percentile 34.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Classification

CWE

CWE-415

Status published

Affected Products (1)

windriver/vxworks < 7.0

Timeline

Published Nov 24, 2021

Tracked Since Feb 18, 2026