Sign-up

ID

VAR-202004-0062


CVE

CVE-2020-10664


TITLE

VxWorks In NULL Pointer dereference vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-004664

DESCRIPTION

The IGMP component in VxWorks 6.8.3 IPNET CVE patches created in 2019 has a NULL Pointer Dereference. VxWorks To NULL A vulnerability exists regarding pointer dereference.Service operation interruption (DoS) It may be put into a state. Wind River Systems VxWorks is a set of embedded real-time operating systems (RTOS) from Wind River Systems. IGMP is one of the Internet group management protocol components. IGMP components in Wind River Systems VxWorks have code issue vulnerabilities. The vulnerability stems from the problem of improper design or implementation in the code development process of network systems or products. There is currently no detailed vulnerability details provided

Trust: 2.25

sources: NVD: CVE-2020-10664 // JVNDB: JVNDB-2020-004664 // CNVD: CNVD-2020-32428 // VULMON: CVE-2020-10664

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-32428

AFFECTED PRODUCTS

vendor:windrivermodel:vxworksscope:eqversion:6.8.3

Trust: 1.0

vendor:wind rivermodel:vxworksscope:eqversion:6.8.3

Trust: 0.8

vendor:windmodel:river systems vxworksscope: - version: -

Trust: 0.6

vendor:windrivermodel:vxworksscope:eqversion:5.5

Trust: 0.1

vendor:windrivermodel:vxworksscope:eqversion:6.4

Trust: 0.1

vendor:windrivermodel:vxworksscope:eqversion:6.6

Trust: 0.1

vendor:windrivermodel:vxworksscope:eqversion:6.7

Trust: 0.1

vendor:windrivermodel:vxworksscope:eqversion:6.8

Trust: 0.1

sources: CNVD: CNVD-2020-32428 // VULMON: CVE-2020-10664 // JVNDB: JVNDB-2020-004664 // NVD: CVE-2020-10664

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-10664
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-004664
value: HIGH

Trust: 0.8

CNVD: CNVD-2020-32428
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202004-2163
value: HIGH

Trust: 0.6

VULMON: CVE-2020-10664
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-10664
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-004664
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-32428
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-10664
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-004664
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-32428 // VULMON: CVE-2020-10664 // JVNDB: JVNDB-2020-004664 // CNNVD: CNNVD-202004-2163 // NVD: CVE-2020-10664

PROBLEMTYPE DATA

problemtype:CWE-476

Trust: 1.8

sources: JVNDB: JVNDB-2020-004664 // NVD: CVE-2020-10664

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202004-2163

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202004-2163

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-004664

PATCH
title:CVE-2020-10664url:https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-10664
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2020-004664

EXTERNAL IDS
db:NVDid:CVE-2020-10664
Trust: 3.1
db:JVNDBid:JVNDB-2020-004664
Trust: 0.8
db:CNVDid:CNVD-2020-32428
Trust: 0.6
db:CNNVDid:CNNVD-202004-2163
Trust: 0.6
db:VULMONid:CVE-2020-10664
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2020-32428 // 
            
            
            
            VULMON: CVE-2020-10664 // 
            
            
            
            JVNDB: JVNDB-2020-004664 // 
            
            
            
            CNNVD: CNNVD-202004-2163 // 
            
            
            
            NVD: CVE-2020-10664

REFERENCES
url:https://nvd.nist.gov/vuln/detail/cve-2020-10664
Trust: 2.0
url:https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2020-10664
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10664
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/476.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2020-32428 // 
            
            
            
            VULMON: CVE-2020-10664 // 
            
            
            
            JVNDB: JVNDB-2020-004664 // 
            
            
            
            CNNVD: CNNVD-202004-2163 // 
            
            
            
            NVD: CVE-2020-10664

SOURCES
db:CNVDid:CNVD-2020-32428
db:VULMONid:CVE-2020-10664
db:JVNDBid:JVNDB-2020-004664
db:CNNVDid:CNNVD-202004-2163
db:NVDid:CVE-2020-10664

LAST UPDATE DATE
2024-11-23T23:01:29.218000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-32428date:2020-06-11T00:00:00
db:VULMONid:CVE-2020-10664date:2021-02-22T00:00:00
db:JVNDBid:JVNDB-2020-004664date:2020-05-25T00:00:00
db:CNNVDid:CNNVD-202004-2163date:2021-02-23T00:00:00
db:NVDid:CVE-2020-10664date:2024-11-21T04:55:47.873

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-32428date:2020-06-11T00:00:00
db:VULMONid:CVE-2020-10664date:2020-04-27T00:00:00
db:JVNDBid:JVNDB-2020-004664date:2020-05-25T00:00:00
db:CNNVDid:CNNVD-202004-2163date:2020-04-27T00:00:00
db:NVDid:CVE-2020-10664date:2020-04-27T13:15:12.287