Product Bulletin #: 1080
Updated: August 12, 2019

Subject: Security Advisory: Wind River VxWorks Vulnerabilities (URGENT/11)

Summary: Wind River® has recently announced a number of vulnerabilities in their VxWorks TCP/IP stack, which are utilized by some of TippingPoint’s hardware appliance products for local embedded device management. This issue does not impact the IPS inspection engine, and there is no direct vector of attack of the TippingPoint appliance via the segment ports. The issue is related solely to the NX-Series dedicated management network port. At this time, there is no known or proven way to exploit TippingPoint products.

Impacted Products:

• All NX-Series (2600NX, 5200NX, 6200NX, 7100NX, 7500NX) running TOS v3.9.4 and earlier

Non-Impacted Products:

• SMS - all versions
• S-Series (S10, S110, S330)
• N-Series (660N, 1400N, 2500N, 5100N, 6100N)
• T/TX-Series (vTPS, 440T, 2200T, 8200TX, 8400TX)

Recommendations: Trend Micro TippingPoint strongly recommends that appliance management be performed via a dedicated management network with restricted access, and only accessible via trusted sources. For additional details and best practices on configuring the IPS management port, including access restrictions, click here. TippingPoint has actively worked Wind River to patch this vulnerability and has been addressed with the release of TOS v3.9.5.

References: Wind River has disclosed a total of 11 vulnerabilities, of which the following are relevant to the TippingPoint NX-Series management network port.
 

CVE #	Filter #
CVE-2019-12255	13871, 35844
CVE-2019-12258	50
CVE-2019-12263	13871, 35844

Vendor Advisory

https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/

https://armis.com/urgent11/

For questions or technical assistance, on any TippingPoint product, contact the TippingPoint Technical Assistance Center (TAC).

Thank you,
Trend Micro™ TippingPoint

For updated contact information, please click here.