CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-9865

When RPC is enabled in Wind River VxWorks 6.9 prior to 6.9.1, a specially crafted RPC request can trigger an integer overflow leading to an out-of-bounds memory copy. It may allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.018

EPSS Ranking 82.1%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 6.8

References

https://support2.windriver.com/index.php?page=security-notices
https://www.windriver.com/feeds/wind_river_security_notices.xml
https://support2.windriver.com/index.php?page=security-notices
https://www.windriver.com/feeds/wind_river_security_notices.xml

Products affected by CVE-2019-9865

Windriver » Vxworks » Version: 6.6

cpe:2.3:o:windriver:vxworks:6.6
Windriver » Vxworks » Version: 6.7

cpe:2.3:o:windriver:vxworks:6.7
Windriver » Vxworks » Version: 6.8

cpe:2.3:o:windriver:vxworks:6.8
Windriver » Vxworks » Version: 6.9

cpe:2.3:o:windriver:vxworks:6.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-9865

Products

Pricing

Contact Us