CVE-2019-12257: Buffer Overflow
First published: Fri Aug 09 2019(Updated: )
Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Wind River VxWorks | >=6.5<6.9.4 | |
| SonicWall SonicOS | >=5.9.0.0<=5.9.0.7 | |
| SonicWall SonicOS | >=5.9.1.0.<=5.9.1.12 | |
| SonicWall SonicOS | >=6.2.0.0<=6.2.3.1 | |
| SonicWall SonicOS | >=6.2.4.0<=6.2.4.3 | |
| SonicWall SonicOS | >=6.2.5.0<=6.2.5.3 | |
| SonicWall SonicOS | >=6.2.6.0<=6.2.6.1 | |
| SonicWall SonicOS | >=6.2.7.0<=6.2.7.4 | |
| SonicWall SonicOS | >=6.2.9.0<=6.2.9.2 | |
| SonicWall SonicOS | >=6.5.0.0<=6.5.0.3 | |
| SonicWall SonicOS | >=6.5.1.0<=6.5.1.4 | |
| SonicWall SonicOS | >=6.5.2.0<=6.5.2.3 | |
| SonicWall SonicOS | >=6.5.3.0<=6.5.3.3 | |
| SonicWall SonicOS | >=6.5.4.0.<=6.5.4.3 | |
| SonicWall SonicOS | =6.2.7.0 | |
| SonicWall SonicOS | =6.2.7.1 | |
| SonicWall SonicOS | =6.2.7.7 | |
| Siemens SIPROTEC firmware | <7.59 | |
| Siemens SIPROTEC firmware | ||
| NetApp E-Series SANtricity OS Controller | >=8.00<=8.40.50.00 | |
| Siemens SIPROTEC firmware | <7.91 | |
| Siemens RuggedCom Win7000 | <bs5.2.461.17 | |
| Siemens Ruggedcom Win7000 Firmware | ||
| Siemens RuggedCom WIN7018 Firmware | <bs5.2.461.17 | |
| Siemens RuggedCom WIN7018 Firmware | ||
| Siemens Ruggedcom Win7025 Firmware | <bs5.2.461.17 | |
| Siemens Ruggedcom Win7025 Firmware | ||
| Siemens Ruggedcom WIN7200 Firmware | <bs5.2.461.17 | |
| Siemens Ruggedcom WIN7200 Firmware | ||
| Belden Hirschmann HIOS | <=07.0.07 | |
| Belden Hirschmann EES20 | ||
| Belden Hirschmann EES25 | ||
| Belden Hirschmann EESX20 | ||
| Belden Hirschmann EESX30 | ||
| Belden Hirschmann GRS1020 | ||
| Belden Hirschmann GRS1030 | ||
| Belden Hirschmann GRS1042 | ||
| Belden Hirschmann GRS1120 | ||
| Belden Hirschmann GRS1130 | ||
| Belden Hirschmann GRS1142 | ||
| Belden Hirschmann MSP30 | ||
| Belden Hirschmann MSP32 | ||
| Belden Hirschmann Rail Switch Power Lite | ||
| Belden Hirschmann Rail Switch Power Smart | ||
| Belden Hirschmann RED25 | ||
| Belden Hirschmann RSP20 | ||
| Belden Hirschmann RSP25 | ||
| Belden Hirschmann RSP30 | ||
| Belden Hirschmann RSP35 | ||
| Belden Hirschmann RSP-E30 | ||
| Belden Hirschmann RSPE32 | ||
| Belden Hirschmann RSPE35 | ||
| Belden Hirschmann RSPE37 | ||
| Belden Hirschmann HIOS | <=07.5.01 | |
| Belden Hirschmann MSP40 | ||
| Belden Hirschmann Octopus | ||
| Belden Hirschmann HIOS | <=07.2.04 | |
| Belden Hirschmann Dragon MACH4000 | ||
| Belden Hirschmann Dragon MACH4500 | ||
| Belden Hirschmann HIOS | <=05.3.06 | |
| Eagle One | ||
| Belden Eagle 20 Tofino | ||
| Belden Hirschmann Eagle30 | ||
| Garrettcom Magnum DX940E | <=1.0.1_y7 | |
| Garrettcom Magnum DX940E |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009
- https://security.netapp.com/advisory/ntap-20190802-0001/
- https://support.f5.com/csp/article/K41190253
- https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12257
- https://support2.windriver.com/index.php?page=security-notices
- https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/
Frequently Asked Questions
What is the severity of CVE-2019-12257?
CVE-2019-12257 is rated as a high-severity vulnerability due to its potential for remote code execution through a buffer overflow in the DHCP client.
How do I fix CVE-2019-12257?
To address CVE-2019-12257, users should update their Wind River VxWorks or SonicWall SonicOS versions to the latest patches provided by the vendors.
What types of devices are affected by CVE-2019-12257?
CVE-2019-12257 affects devices running Wind River VxWorks 6.6 to 6.9 and various versions of SonicWall SonicOS.
What can attackers achieve through CVE-2019-12257?
Exploiting CVE-2019-12257 could allow attackers to execute arbitrary code remotely, leading to unauthorized access and system control.
Is there any mitigation for CVE-2019-12257 if I cannot patch immediately?
While waiting for patches, disabling the DHCP client or restricting access to affected devices may help mitigate the risk from CVE-2019-12257.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/windriver
- canonical/wind river vxworks
- version/wind river vxworks/6.5
- vendor/sonicwall
- canonical/sonicwall sonicos
- version/sonicwall sonicos/5.9.0.0
- version/sonicwall sonicos/5.9.0.7
- version/sonicwall sonicos/5.9.1.0.
- version/sonicwall sonicos/5.9.1.12
- version/sonicwall sonicos/6.2.0.0
- version/sonicwall sonicos/6.2.3.1
- version/sonicwall sonicos/6.2.4.0
- version/sonicwall sonicos/6.2.4.3
- version/sonicwall sonicos/6.2.5.0
- version/sonicwall sonicos/6.2.5.3
- version/sonicwall sonicos/6.2.6.0
- version/sonicwall sonicos/6.2.6.1
- version/sonicwall sonicos/6.2.7.0
- version/sonicwall sonicos/6.2.7.4
- version/sonicwall sonicos/6.2.9.0
- version/sonicwall sonicos/6.2.9.2
- version/sonicwall sonicos/6.5.0.0
- version/sonicwall sonicos/6.5.0.3
- version/sonicwall sonicos/6.5.1.0
- version/sonicwall sonicos/6.5.1.4
- version/sonicwall sonicos/6.5.2.0
- version/sonicwall sonicos/6.5.2.3
- version/sonicwall sonicos/6.5.3.0
- version/sonicwall sonicos/6.5.3.3
- version/sonicwall sonicos/6.5.4.0.
- version/sonicwall sonicos/6.5.4.3
- version/sonicwall sonicos/6.2.7.1
- version/sonicwall sonicos/6.2.7.7
- vendor/siemens
- canonical/siemens siprotec firmware
- vendor/netapp
- canonical/netapp e-series santricity os controller
- version/netapp e-series santricity os controller/8.00
- version/netapp e-series santricity os controller/8.40.50.00
- canonical/siemens ruggedcom win7000
- canonical/siemens ruggedcom win7000 firmware
- canonical/siemens ruggedcom win7018 firmware
- canonical/siemens ruggedcom win7025 firmware
- canonical/siemens ruggedcom win7200 firmware
- vendor/belden
- canonical/belden hirschmann hios
- version/belden hirschmann hios/07.0.07
- canonical/belden hirschmann ees20
- canonical/belden hirschmann ees25
- canonical/belden hirschmann eesx20
- canonical/belden hirschmann eesx30
- canonical/belden hirschmann grs1020
- canonical/belden hirschmann grs1030
- canonical/belden hirschmann grs1042
- canonical/belden hirschmann grs1120
- canonical/belden hirschmann grs1130
- canonical/belden hirschmann grs1142
- canonical/belden hirschmann msp30
- canonical/belden hirschmann msp32
- canonical/belden hirschmann rail switch power lite
- canonical/belden hirschmann rail switch power smart
- canonical/belden hirschmann red25
- canonical/belden hirschmann rsp20
- canonical/belden hirschmann rsp25
- canonical/belden hirschmann rsp30
- canonical/belden hirschmann rsp35
- canonical/belden hirschmann rsp-e30
- canonical/belden hirschmann rspe32
- canonical/belden hirschmann rspe35
- canonical/belden hirschmann rspe37
- version/belden hirschmann hios/07.5.01
- canonical/belden hirschmann msp40
- canonical/belden hirschmann octopus
- version/belden hirschmann hios/07.2.04
- canonical/belden hirschmann dragon mach4000
- canonical/belden hirschmann dragon mach4500
- version/belden hirschmann hios/05.3.06
- canonical/eagle one
- canonical/belden eagle 20 tofino
- canonical/belden hirschmann eagle30
- canonical/garrettcom magnum dx940e
- version/garrettcom magnum dx940e/1.0.1_y7