CVE-2019-12259

Summary

CVE	CVE-2019-12259
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2019-08-09 19:15:00 UTC
Updated	2022-06-16 18:10:00 UTC
Description	Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing.

Risk And Classification

Problem Types: CWE-476

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Belden	Garrettcom Magnum Dx940e	-	All	All	All
Operating System	Belden	Garrettcom Magnum Dx940e Firmware	All	All	All	All
Hardware	Belden	Hirschmann Dragon Mach4000	-	All	All	All
Hardware	Belden	Hirschmann Dragon Mach4500	-	All	All	All
Hardware	Belden	Hirschmann Eagle20	-	All	All	All
Hardware	Belden	Hirschmann Eagle30	-	All	All	All
Hardware	Belden	Hirschmann Eagle One	-	All	All	All
Hardware	Belden	Hirschmann Ees20	-	All	All	All
Hardware	Belden	Hirschmann Ees25	-	All	All	All
Hardware	Belden	Hirschmann Eesx20	-	All	All	All
Hardware	Belden	Hirschmann Eesx30	-	All	All	All
Hardware	Belden	Hirschmann Grs1020	-	All	All	All
Hardware	Belden	Hirschmann Grs1030	-	All	All	All
Hardware	Belden	Hirschmann Grs1042	-	All	All	All
Hardware	Belden	Hirschmann Grs1120	-	All	All	All
Hardware	Belden	Hirschmann Grs1130	-	All	All	All
Hardware	Belden	Hirschmann Grs1142	-	All	All	All
Operating System	Belden	Hirschmann Hios	All	All	All	All
Operating System	Belden	Hirschmann Hios	All	All	All	All
Operating System	Belden	Hirschmann Hios	All	All	All	All
Operating System	Belden	Hirschmann Hios	All	All	All	All
Hardware	Belden	Hirschmann Msp30	-	All	All	All
Hardware	Belden	Hirschmann Msp32	-	All	All	All
Hardware	Belden	Hirschmann Msp40	-	All	All	All
Hardware	Belden	Hirschmann Octopus Os3	-	All	All	All
Hardware	Belden	Hirschmann Rail Switch Power Lite	-	All	All	All
Hardware	Belden	Hirschmann Rail Switch Power Smart	-	All	All	All
Hardware	Belden	Hirschmann Red25	-	All	All	All
Hardware	Belden	Hirschmann Rsp20	-	All	All	All
Hardware	Belden	Hirschmann Rsp25	-	All	All	All
Hardware	Belden	Hirschmann Rsp30	-	All	All	All
Hardware	Belden	Hirschmann Rsp35	-	All	All	All
Hardware	Belden	Hirschmann Rspe30	-	All	All	All
Hardware	Belden	Hirschmann Rspe32	-	All	All	All
Hardware	Belden	Hirschmann Rspe35	-	All	All	All
Hardware	Belden	Hirschmann Rspe37	-	All	All	All
Operating System	Netap	E-series Santricity Os Controller	All	All	All	All
Hardware	Siemens	9410 Power Meter	-	All	All	All
Hardware	Siemens	9410 Power Meter	-	All	All	All
Operating System	Siemens	9410 Power Meter Firmware	All	All	All	All
Operating System	Siemens	9410 Power Meter Firmware	All	All	All	All
Hardware	Siemens	9810 Power Meter	-	All	All	All
Hardware	Siemens	9810 Power Meter	-	All	All	All
Operating System	Siemens	9810 Power Meter Firmware	All	All	All	All
Operating System	Siemens	9810 Power Meter Firmware	All	All	All	All
Hardware	Siemens	Ruggedcom Win7000	-	All	All	All
Hardware	Siemens	Ruggedcom Win7000	-	All	All	All
Operating System	Siemens	Ruggedcom Win7000 Firmware	All	All	All	All
Operating System	Siemens	Ruggedcom Win7000 Firmware	All	All	All	All
Hardware	Siemens	Ruggedcom Win7018	-	All	All	All
Hardware	Siemens	Ruggedcom Win7018	-	All	All	All
Operating System	Siemens	Ruggedcom Win7018 Firmware	All	All	All	All
Operating System	Siemens	Ruggedcom Win7018 Firmware	All	All	All	All
Hardware	Siemens	Ruggedcom Win7025	-	All	All	All
Hardware	Siemens	Ruggedcom Win7025	-	All	All	All
Operating System	Siemens	Ruggedcom Win7025 Firmware	All	All	All	All
Operating System	Siemens	Ruggedcom Win7025 Firmware	All	All	All	All
Hardware	Siemens	Ruggedcom Win7200	-	All	All	All
Hardware	Siemens	Ruggedcom Win7200	-	All	All	All
Operating System	Siemens	Ruggedcom Win7200 Firmware	All	All	All	All
Operating System	Siemens	Ruggedcom Win7200 Firmware	All	All	All	All
Operating System	Siemens	Siprotec 5	-	All	All	All
Operating System	Siemens	Siprotec 5	-	All	All	All
Operating System	Siemens	Siprotec 5 Firmware	All	All	All	All
Operating System	Siemens	Siprotec 5 Firmware	All	All	All	All
Operating System	Siemens	Siprotec 5 Firmware	All	All	All	All
Operating System	Siemens	Siprotec 5 Firmware	All	All	All	All
Operating System	Siemens	Siprotec 5 Firmware	All	All	All	All
Operating System	Siemens	Siprotec 5 Firmware	All	All	All	All
Operating System	Sonicwall	Sonicos	6.2.7.0	All	All	All
Operating System	Sonicwall	Sonicos	6.2.7.1	All	All	All
Operating System	Sonicwall	Sonicos	6.2.7.7	All	All	All
Operating System	Sonicwall	Sonicos	6.2.7.0	All	All	All
Operating System	Sonicwall	Sonicos	6.2.7.1	All	All	All
Operating System	Sonicwall	Sonicos	6.2.7.7	All	All	All
Operating System	Sonicwall	Sonicos	All	All	All	All
Operating System	Sonicwall	Sonicos	All	All	All	All
Operating System	Sonicwall	Sonicos	All	All	All	All
Operating System	Sonicwall	Sonicos	All	All	All	All
Operating System	Sonicwall	Sonicos	All	All	All	All
Operating System	Sonicwall	Sonicos	All	All	All	All
Operating System	Sonicwall	Sonicos	All	All	All	All
Operating System	Sonicwall	Sonicos	All	All	All	All
Operating System	Sonicwall	Sonicos	All	All	All	All
Operating System	Sonicwall	Sonicos	All	All	All	All
Operating System	Sonicwall	Sonicos	All	All	All	All
Operating System	Sonicwall	Sonicos	All	All	All	All
Operating System	Sonicwall	Sonicos	All	All	All	All
Operating System	Windriver	Vxworks	All	All	All	All
Operating System	Windriver	Vxworks	6.6	All	All	All
Operating System	Windriver	Vxworks	6.7	All	All	All
Operating System	Windriver	Vxworks	6.8	All	All	All
Operating System	Windriver	Vxworks	6.9	All	All	All
Operating System	Windriver	Vxworks	7	All	All	All
Operating System	Windriver	Vxworks	7.0	All	All	All
Operating System	Windriver	Vxworks	7.0	-	All	All
Operating System	Windriver	Vxworks	6.6	All	All	All
Operating System	Windriver	Vxworks	6.7	All	All	All
Operating System	Windriver	Vxworks	6.8	All	All	All
Operating System	Windriver	Vxworks	6.9	All	All	All
Operating System	Windriver	Vxworks	7	All	All	All

References

Reference	Source	Link	Tags
cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf	CONFIRM	cert-portal.siemens.com	Third Party Advisory
Security Advisory	CONFIRM	psirt.global.sonicwall.com	Third Party Advisory
CVE-2019-12259 - Wind River Support Network	CONFIRM	support2.windriver.com	Vendor Advisory
Safety and Security Notices - Wind River Support Network	MISC	support2.windriver.com	Issue Tracking, Vendor Advisory
cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf	CONFIRM	cert-portal.siemens.com	Third Party Advisory
August 2019 VxWorks TCP/IP Stack (IPNET) Vulnerabilities in NetApp Products \| NetApp Product Security	CONFIRM	security.netapp.com	Third Party Advisory
SECURITY VULNERABILITY RESPONSE INFORMATION - TCP/IP Network Stack (IPnet, Urgent/11)	CONFIRM	www.windriver.com	Vendor Advisory
cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf	CONFIRM	cert-portal.siemens.com	Third Party Advisory
support.f5.com/csp/article/K41190253	CONFIRM	support.f5.com	Third Party Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

590639 Siemens RUGGEDCOM Win Transmission Control Protocol (TCP) URGENT/11 Multiple Vulnerabilities (SSA-189842)
590640 Siemens Power Meters Urgent/11 Transmission Control Protocol/Internet Protocol (TCP/IP) Stack Multiple Vulnerabilities (SSA-352504)
590641 Siemens SIPROTEC 5 Ethernet plug-in communication modules and devices Multiple Vulnerabilities (SSA-632562)
590945 ABB REB500 WindRiver VxWorks IPNet Multiple Vulnerabilities (ABBVU-PGGA-REB500-1KHL501885)
590996 Hitachi ABB Power Grids Relion 670/650 series Relion SAM600-IO Multiple Vulnerabilities (1MRG035816)
591010 ABB RTU500 series Multiple Vulnerabilities (ABBVU-PGGA-RTU500-1KGT090327)
591308 ABB AFS66x WindRiver VxWorks IPNet Multiple Vulnerabilities (ABBVU-PGGA-AFS66X-0252019)
591385 Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000 Transmission Control Protocol/Internet Protocol (TCP/IP) function Multiple Vulnerabilities (2019-003)