Updated: August 12, 2019
Subject: Security Advisory: Wind River VxWorks Vulnerabilities (URGENT/11)
Summary: Wind River® has recently announced a number of vulnerabilities in their VxWorks TCP/IP stack, which are utilized by some of TippingPoint’s hardware appliance products for local embedded device management. This issue does not impact the IPS inspection engine, and there is no direct vector of attack of the TippingPoint appliance via the segment ports. The issue is related solely to the NX-Series dedicated management network port. At this time, there is no known or proven way to exploit TippingPoint products.
- All NX-Series (2600NX, 5200NX, 6200NX, 7100NX, 7500NX) running TOS v3.9.4 and earlier
- SMS - all versions
- S-Series (S10, S110, S330)
- N-Series (660N, 1400N, 2500N, 5100N, 6100N)
- T/TX-Series (vTPS, 440T, 2200T, 8200TX, 8400TX)
References: Wind River has disclosed a total of 11 vulnerabilities, of which the following are relevant to the TippingPoint NX-Series management network port.
|CVE #||Filter #|
For questions or technical assistance, on any TippingPoint product, contact the TippingPoint Technical Assistance Center (TAC).
Trend Micro™ TippingPoint
For updated contact information, please click here.