ID

VAR-202103-0365


CVE

CVE-2016-20009


TITLE

Wind River VxWorks  Out-of-bounds Vulnerability in Microsoft

Trust: 0.8

sources: JVNDB: JVNDB-2016-009699

DESCRIPTION

A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Wind River VxWorks Is vulnerable to an out-of-bounds write.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Wind River VxWorks is an operating system of Wind River Company in the United States. The industry-leading real-time operating system for building embedded devices and systems. Remote attackers can use this vulnerability to submit special requests, causing the application to crash or execute arbitrary code in the application context

Trust: 2.25

sources: NVD: CVE-2016-20009 // JVNDB: JVNDB-2016-009699 // CNVD: CNVD-2021-29083 // VULMON: CVE-2016-20009

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-29083

AFFECTED PRODUCTS

vendor:siemensmodel:sgt-400scope:eqversion:*

Trust: 1.0

vendor:windrivermodel:vxworksscope:lteversion:7.0

Trust: 1.0

vendor:siemensmodel:sgt-100scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sgt-300scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sgt-a65scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sgt-a35scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sgt-a20scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sgt-200scope:eqversion:*

Trust: 1.0

vendor:windrivermodel:vxworksscope:gteversion:6.5

Trust: 1.0

vendor:ウインドリバー株式会社model:vxworksscope:eqversion:6.5 to 7

Trust: 0.8

vendor:ウインドリバー株式会社model:vxworksscope:eqversion: -

Trust: 0.8

vendor:windmodel:river vxworksscope:gteversion:6.5,<=7

Trust: 0.6

sources: CNVD: CNVD-2021-29083 // JVNDB: JVNDB-2016-009699 // NVD: CVE-2016-20009

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-20009
value: CRITICAL

Trust: 1.0

NVD: CVE-2016-20009
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2021-29083
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202103-841
value: CRITICAL

Trust: 0.6

VULMON: CVE-2016-20009
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2016-20009
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2021-29083
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2016-20009
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2016-20009
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2021-29083 // VULMON: CVE-2016-20009 // JVNDB: JVNDB-2016-009699 // CNNVD: CNNVD-202103-841 // NVD: CVE-2016-20009

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:Out-of-bounds writing (CWE-787) [NVD Evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2016-009699 // NVD: CVE-2016-20009

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202103-841

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202103-841

PATCH

title:Top Pageurl:https://www.windriver.com/

Trust: 0.8

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=3f7c93868d7099e31ef639cbd5d52b75

Trust: 0.1

title:BleepingComputerurl:https://www.bleepingcomputer.com/news/security/name-wreck-dns-vulnerabilities-affect-over-100-million-devices/

Trust: 0.1

sources: VULMON: CVE-2016-20009 // JVNDB: JVNDB-2016-009699

EXTERNAL IDS

db:NVDid:CVE-2016-20009

Trust: 3.1

db:SIEMENSid:SSA-553445

Trust: 1.7

db:JVNid:JVNVU99791395

Trust: 0.8

db:JVNDBid:JVNDB-2016-009699

Trust: 0.8

db:CNVDid:CNVD-2021-29083

Trust: 0.6

db:ICS CERTid:ICSA-21-222-06

Trust: 0.6

db:AUSCERTid:ESB-2021.2712

Trust: 0.6

db:CNNVDid:CNNVD-202103-841

Trust: 0.6

db:VULMONid:CVE-2016-20009

Trust: 0.1

sources: CNVD: CNVD-2021-29083 // VULMON: CVE-2016-20009 // JVNDB: JVNDB-2016-009699 // CNNVD: CNNVD-202103-841 // NVD: CVE-2016-20009

REFERENCES

url:https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/

Trust: 3.1

url:https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf

Trust: 1.6

url:https://jvn.jp/vu/jvnvu99791395/index.html

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2016-20009

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2021.2712

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-222-06

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/787.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.bleepingcomputer.com/news/security/name-wreck-dns-vulnerabilities-affect-over-100-million-devices/

Trust: 0.1

url:https://cert-portal.siemens.com/productcert/txt/ssa-553445.txt

Trust: 0.1

sources: CNVD: CNVD-2021-29083 // VULMON: CVE-2016-20009 // JVNDB: JVNDB-2016-009699 // CNNVD: CNNVD-202103-841 // NVD: CVE-2016-20009

CREDITS

Siemens reported to CISA that these products are affected by this vulnerability when using some third-party components.

Trust: 0.6

sources: CNNVD: CNNVD-202103-841

SOURCES

db:CNVDid:CNVD-2021-29083
db:VULMONid:CVE-2016-20009
db:JVNDBid:JVNDB-2016-009699
db:CNNVDid:CNNVD-202103-841
db:NVDid:CVE-2016-20009

LAST UPDATE DATE

2024-11-23T20:22:24.873000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-29083date:2021-04-18T00:00:00
db:VULMONid:CVE-2016-20009date:2021-08-10T00:00:00
db:JVNDBid:JVNDB-2016-009699date:2021-11-24T06:53:00
db:CNNVDid:CNNVD-202103-841date:2022-04-06T00:00:00
db:NVDid:CVE-2016-20009date:2024-11-21T02:47:32.740

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-29083date:2021-04-18T00:00:00
db:VULMONid:CVE-2016-20009date:2021-03-11T00:00:00
db:JVNDBid:JVNDB-2016-009699date:2021-11-24T00:00:00
db:CNNVDid:CNNVD-202103-841date:2021-03-11T00:00:00
db:NVDid:CVE-2016-20009date:2021-03-11T22:15:12.120