Shulou(Shulou.com)06/01 Report--

Recently, VxWorks officially released a security vulnerability announcement that fixed 11 security vulnerabilities discovered and reported by the Armis research team, including 6 that could lead to remote code execution (RCE) vulnerabilities, with a CVE-2019-12256, CVE-2019-12255, and CVE-2019-12260 CVSS score of 9.8. These vulnerabilities exist in VxWorks's TCP/IP stack (IPnet) and affect VxWorks 7 (SR540 and SR610), VxWorks 6.5-6.9, and VxWorks versions that use the Interpeak stand-alone network stack. * users can take advantage of the loopholes to achieve remote * * without user interaction and authentication, and finally take complete control of the relevant devices.

VxWorks is the most widely used real-time operating system deployed in embedded systems in the world. It was designed and developed by American WindRiver (referred to as Fenghe Company, namely WRS) in 1983. VxWorks is used by more than 2 billion devices, including critical infrastructure, network equipment, medical equipment, industrial systems and even spacecraft. It can be said that there are a wide range of applications from PLC to MRI machines, to firewalls and printers, to airplanes, trains and so on.

At present, the Armis research team has released a demonstration video that successfully exploited the vulnerability to control the SonicWall firewall, Xerox printer and patient monitor, but did not release vulnerability-related details or vulnerability verification procedures. Among them, SonicWall and Xerox have officially released relevant vulnerability updates.

From this, we know that Chuangyu 404 Lab actively issued emergency vulnerability warning and recommended that organizations and manufacturers using VxWorks to deploy equipment immediately repair the affected equipment.

Reference:

[1] WindRiver official Security Bulletin: https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/

[2] Armis Research team vulnerability announcement: https://armis.com/urgent11/

[3] sonicwall official Security Bulletin: https://blog.sonicwall.com/en-us/2019/07/wind-river-vxworks-and-urgent-11-patch-now/

[4] xerox official Security Bulletin: https://security.business.xerox.com/en-us/

[5] ZoomEye cyberspace search engine: https://www.zoomeye.org

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.