Skip to main content

Vxworks CVE-2021-29999

CRITICAL
Out-of-bounds Write (CWE-787)
2021-04-13 cve@mitre.org
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Apr 13, 2021 - 17:15 nvd
CRITICAL 9.8

DescriptionNVD

An issue was discovered in Wind River VxWorks through 6.8. There is a possible stack overflow in dhcp server.

AnalysisAI

An issue was discovered in Wind River VxWorks through 6.8. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. An issue was discovered in Wind River VxWorks through 6.8. There is a possible stack overflow in dhcp server. Affected products include: Windriver Vxworks. Version information: through 6.8..

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).

CVE-2019-12255 CRITICAL POC
9.8 Aug 09

Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). Rated critical severity (CVSS 9.8), this v

CVE-2023-38346 HIGH POC
8.8 Sep 22

An issue was discovered in Wind River VxWorks 6.9 and 7. Rated high severity (CVSS 8.8), this vulnerability is remotely

CVE-2013-0714 CRITICAL
10.0 Mar 20

IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to execute arbitrary code or ca

CVE-2019-12258 HIGH POC
7.5 Aug 09

Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. Rated high severity (CVSS 7.5), this vulne

CVE-2021-29998 CRITICAL
9.8 Apr 13

An issue was discovered in Wind River VxWorks before 6.5. Rated critical severity (CVSS 9.8), this vulnerability is remo

CVE-2019-12262 CRITICAL
9.8 Aug 14

Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. Rated critical se

CVE-2019-12261 CRITICAL
9.8 Aug 09

Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). Rated critical seve

CVE-2019-12260 CRITICAL
9.8 Aug 09

Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). Rated critical severity (CVSS

CVE-2019-12256 CRITICAL
9.8 Aug 09

Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. Rated critical severity (CVSS 9.8), this vul

CVE-2015-7599 HIGH
8.1 Feb 07

Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote

CVE-2019-12257 HIGH
8.8 Aug 09

Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. Rated high severity (CVSS 8.8), t

CVE-2013-0711 HIGH
7.8 Mar 20

IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to cause a denial of service (d

Share

CVE-2021-29999 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy