Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

PB#1080: Wind River VxWorks Vulnerabilities (URGENT/11)

    • Updated:
    • 12 Aug 2019
    • Product/Version:
    • TippingPoint IPS NX-series All
    • Platform:
Summary
VxWorks vulnerabilities impacting all NX-Series (2600NX, 5200NX, 6200NX, 7100NX, 7500NX) running TOS v3.9.4 and earlier.
Details
Public
Product Bulletin #: 1080
Updated: August 12, 2019

Subject: Security Advisory: Wind River VxWorks Vulnerabilities (URGENT/11)

Summary: Wind River® has recently announced a number of vulnerabilities in their VxWorks TCP/IP stack, which are utilized by some of TippingPoint’s hardware appliance products for local embedded device management. This issue does not impact the IPS inspection engine, and there is no direct vector of attack of the TippingPoint appliance via the segment ports. The issue is related solely to the NX-Series dedicated management network port. At this time, there is no known or proven way to exploit TippingPoint products.

Impacted Products:
  • All NX-Series (2600NX, 5200NX, 6200NX, 7100NX, 7500NX) running TOS v3.9.4 and earlier
Non-Impacted Products:
  • SMS - all versions
  • S-Series (S10, S110, S330)
  • N-Series (660N, 1400N, 2500N, 5100N, 6100N)
  • T/TX-Series (vTPS, 440T, 2200T, 8200TX, 8400TX)
Recommendations: Trend Micro TippingPoint strongly recommends that appliance management be performed via a dedicated management network with restricted access, and only accessible via trusted sources. For additional details and best practices on configuring the IPS management port, including access restrictions, click here. TippingPoint has actively worked Wind River to patch this vulnerability and has been addressed with the release of TOS v3.9.5.

References: Wind River has disclosed a total of 11 vulnerabilities, of which the following are relevant to the TippingPoint NX-Series management network port.
 
CVE #Filter #
CVE-2019-1225513871, 35844
CVE-2019-1225850
CVE-2019-1226313871, 35844

Vendor Advisory

https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/

https://armis.com/urgent11/

For questions or technical assistance, on any TippingPoint product, contact the TippingPoint Technical Assistance Center (TAC).

Thank you,
Trend Micro™ TippingPoint

For updated contact information, please click here.
Premium
Internal
Rating:
Category:
Solution Id:
TP000142898
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.