VAR-201008-0270
Vulnerability from variot - Updated: 2025-12-22 21:19The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804. Some products based on VxWorks have the WDB target agent debug service enabled by default. This service provides read/write access to the device's memory and allows functions to be called. The VxWorks WDB target agent is a target-resident, run-time facility that is required for connecting host tools to a VxWorks target system during development. WDB is a selectable component in the VxWorks configuration and is enabled by default. The WDB debug agent access is not secured and does provide a security hole in a deployed system. It is advisable for production systems to reconfigure VxWorks with only those components needed for deployed operation and to build it as the appropriate type of system image. It is recommended to remove host development components such as the WDB target agent and debugging components (INCLUDE_WDB and INCLUDE_DEBUG) as well as other operating system components that are not required to support customer applications. Consult the VxWorks Kernel Programmer's guide for more information on WDB.Additional information can be found in ICS-CERT advisory ICSA-10-214-01 and on the Metasploit Blog. An attacker can use the debug service to fully compromise the device. The hashing algorithm that is used in the standard authentication API for VxWorks is susceptible to collisions. An attacker can brute force a password by guessing a string that produces the same hash as a legitimate password. It is relatively easy to find a string that has the same hash value as a regular password.Authentication by attacker API (loginLib) May be used to access services using. The problem is CVE-2005-3804 May be related toBy a third party UDP An arbitrary memory area may be read or modified, a function call executed, or a task managed through a request to the port. VxWorks is an embedded real-time operating system. VxWorks has multiple security vulnerabilities that allow an attacker to bypass security restrictions and gain unauthorized access to the system. For example, when logging in with the default 'target/password', 'y{{{{{SS' will HASH out the same result as 'password'. So you can use 'password' and 'y{{{{{SS' as the password to log in. Permissions and access control vulnerabilities exist in the WDB Target Agent Debugging Service in Wind River VxWorks 6.x, 5.x and earlier. VxWorks is prone to a remote security-bypass vulnerability. Successful exploits will allow remote attackers to perform debugging tasks on the vulnerable device. The issue affects multiple products from multiple vendors that ship with the VxWorks operating system. NOTE: This issue was previously covered in BID 42114 (VxWorks Multiple Security Vulnerabilities) but has been separated into its own record to better document it. R7-0035: VxWorks Authentication Library Weak Password Hashing August 2, 2010
-- Vulnerability Details: This vulnerability allows remote attackers to bypass the authentication process for the Telnet and FTP services of the VxWorks operating system. This flaw occurs due to an insecure password hashing implementation in the authentication library (loginLib) of the VxWorks operating system. Regardless of what password is set for a particular account, there are a only small number (~210k) of possible hash outputs. Typical passwords consisting of alphanumeric characters and symbols fall within an even smaller range of hash outputs (~8k), making this trivial to brute force over the network. To excaberate matters, loginLib has no support for account lockouts and the FTP daemon does not disconnect clients that consistently fail to authenticate. This reduces the brute force time for the FTP service to approximately 30 minutes.
To demonstrate the hash weakness, the password of "insecure" hashes to the value "Ry99dzRcy9". The hashing algorithm itself is based on an additive sum with a small XOR operation. The resulting sums are then transformed to a printable string, but the range of possible intermediate values is limited and mostly sequential. The entire collision table has been precomputed and will be released in early September as an input file for common brute force tools. More information about the hashing algorithm itself is available at the Metasploit blog post below:
http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html
There are three requirements for this vulnerability to be exploited:
-
The device must be running at least one service that uses loginLib for authentication. Telnet and FTP do so by default.
-
A valid username must be known to the attacker. This is usually easy to determine through product manuals or a cursory review of the firmware binaries.
A typical VxWorks device will meet all three requirements by default, but customization by the device manufacturer may preclude this from being exploited. In general, if the device displays a VxWorks banner for Telnet or FTP, it is more than likely vulnerable.
-- Vendor Response: Wind River Systems has notified their customers of the issue and suggested that each downstream vendor replace the existing hash implementation with SHA512 or SHA256. The exact extent of the vulnerability and the complete list of affected devices is not known at this time. Example code from Wind River Systems has been supplied to CERT and is included in the advisory below:
http://www.kb.cert.org/vuls/id/840249
-- Disclosure Timeline: 2009-06-02 - Vulnerability reported to CERT for vendor notification 2009-08-02 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by HD Moore
-- About Rapid7 Security Rapid7 provides vulnerability management, compliance and penetration testing solutions for Web application, network and database security. In addition to developing the NeXpose Vulnerability Management system, Rapid7 manages the Metasploit Project and is the primary sponsor of the W3AF web assessment tool.
Our vulnerability disclosure policy is available online at:
http://www.rapid7.com/disclosure.jsp
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201008-0270",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "river systems vxworks through",
"scope": "eq",
"trust": 1.0,
"vendor": "wind",
"version": "6.56.9"
},
{
"model": "1756-enbt\\/a",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "3.2.6"
},
{
"model": "1756-enbt\\/a",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "3.6.1"
},
{
"model": "vxworks",
"scope": "lte",
"trust": 1.0,
"vendor": "windriver",
"version": "6.9.4.12"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ericsson",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "polycom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wind river",
"version": null
},
{
"model": "vxworks",
"scope": null,
"trust": 0.8,
"vendor": "wind river",
"version": null
},
{
"model": "1756-enbt series a",
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": "1756-enbt series a",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "3.2.6 and 3.6.1"
},
{
"model": "vxworks",
"scope": "eq",
"trust": 0.8,
"vendor": "wind river",
"version": "6.x"
},
{
"model": "vxworks",
"scope": "lte",
"trust": 0.8,
"vendor": "wind river",
"version": "5.x"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "1756-enbt series a",
"scope": null,
"trust": 0.6,
"vendor": "rockwellautomation",
"version": null
},
{
"model": "phaser 3635mfp",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "0"
},
{
"model": "river systems vxworks",
"scope": "eq",
"trust": 0.3,
"vendor": "wind",
"version": "0"
},
{
"model": "oronoco ap600",
"scope": "eq",
"trust": 0.3,
"vendor": "proxim",
"version": "2.5.5(1070)"
},
{
"model": "oronoco ap600",
"scope": "eq",
"trust": 0.3,
"vendor": "proxim",
"version": "2.5.3(914)"
},
{
"model": "oronoco ap600",
"scope": "eq",
"trust": 0.3,
"vendor": "proxim",
"version": "2.5.2(894)"
},
{
"model": "oronoco ap600",
"scope": "eq",
"trust": 0.3,
"vendor": "proxim",
"version": "2.4.5(758)"
},
{
"model": "oronoco ap600",
"scope": "eq",
"trust": 0.3,
"vendor": "proxim",
"version": "2.4.11(821)"
},
{
"model": "oronoco ap600",
"scope": "eq",
"trust": 0.3,
"vendor": "proxim",
"version": "2.2.0(460)"
},
{
"model": "oronoco ap600",
"scope": "eq",
"trust": 0.3,
"vendor": "proxim",
"version": "2.1.1(403)"
},
{
"model": "oronoco ap600",
"scope": null,
"trust": 0.3,
"vendor": "proxim",
"version": null
},
{
"model": "grandslam",
"scope": "eq",
"trust": 0.3,
"vendor": "paradyne",
"version": "4200"
},
{
"model": "networks wlan access point",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "2220"
},
{
"model": "networks passport",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1100/1150/1200/1250"
},
{
"model": "networks optical trouble ticketing",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "cmts038-007 cmts2.6.0",
"scope": null,
"trust": 0.3,
"vendor": "kathrein",
"version": null
},
{
"model": "cmts038-007 cmts2.17.0",
"scope": null,
"trust": 0.3,
"vendor": "kathrein",
"version": null
},
{
"model": "cmts038-007 cmts2.14.0",
"scope": null,
"trust": 0.3,
"vendor": "kathrein",
"version": null
},
{
"model": "cmts038-007 cmts2.11.0",
"scope": null,
"trust": 0.3,
"vendor": "kathrein",
"version": null
},
{
"model": "gaoke co mg6000 voip gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "",
"version": "0"
},
{
"model": "networks edgeiron 4802f",
"scope": "eq",
"trust": 0.3,
"vendor": "foundry",
"version": "1.4.8"
},
{
"model": "networks edgeiron 4802f",
"scope": "eq",
"trust": 0.3,
"vendor": "foundry",
"version": "1.3.7"
},
{
"model": "networks edgeiron 4802f",
"scope": "eq",
"trust": 0.3,
"vendor": "foundry",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7920"
},
{
"model": "cadant c3 cmts",
"scope": "eq",
"trust": 0.3,
"vendor": "arris",
"version": "0"
},
{
"model": "omniswitch 5.1.5.245.r04",
"scope": null,
"trust": 0.3,
"vendor": "alcatel lucent",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "7d738f00-463f-11e9-ac13-000c29342cb1"
},
{
"db": "IVD",
"id": "017253fa-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#840249"
},
{
"db": "CNVD",
"id": "CNVD-2010-1489"
},
{
"db": "CNVD",
"id": "CNVD-2010-3891"
},
{
"db": "BID",
"id": "42158"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-029"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001882"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005612"
},
{
"db": "NVD",
"id": "CVE-2010-2965"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:windriver:vxworks",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001882"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Thanks to HD Moore for reporting a wider scope with additional research related to this vulnerability. Earlier public reports came from Bennett Todd and Shawn Merdinger. This document was written by Jared Allar. ",
"sources": [
{
"db": "CERT/CC",
"id": "VU#362332"
}
],
"trust": 0.8
},
"cve": "CVE-2010-2965",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2010-2965",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 10.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 9.5,
"exploitability": "HIGH",
"exploitabilityScore": 10.0,
"id": "CVE-2010-2965",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "WORKAROUND",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "HIGH",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 10.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 9.5,
"exploitability": "HIGH",
"exploitabilityScore": 10.0,
"id": "VU#840249",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "WORKAROUND",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2010-3891",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "bab59964-1fb2-11e6-abef-000c29c66e3d",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d72f2c0-463f-11e9-98f5-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "7d738f00-463f-11e9-ac13-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "017253fa-2356-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-45570",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-2965",
"trust": 1.6,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2010-2965",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#840249",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2010-3891",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201008-029",
"trust": 0.6,
"value": "LOW"
},
{
"author": "IVD",
"id": "bab59964-1fb2-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d72f2c0-463f-11e9-98f5-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d738f00-463f-11e9-ac13-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "017253fa-2356-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-45570",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "bab59964-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d72f2c0-463f-11e9-98f5-000c29342cb1"
},
{
"db": "IVD",
"id": "7d738f00-463f-11e9-ac13-000c29342cb1"
},
{
"db": "IVD",
"id": "017253fa-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#362332"
},
{
"db": "CERT/CC",
"id": "VU#840249"
},
{
"db": "CNVD",
"id": "CNVD-2010-3891"
},
{
"db": "VULHUB",
"id": "VHN-45570"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-029"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005612"
},
{
"db": "NVD",
"id": "CVE-2010-2965"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804. Some products based on VxWorks have the WDB target agent debug service enabled by default. This service provides read/write access to the device\u0027s memory and allows functions to be called. The VxWorks WDB target agent is a target-resident, run-time facility that is required for connecting host tools to a VxWorks target system during development. WDB is a selectable component in the VxWorks configuration and is enabled by default. The WDB debug agent access is not secured and does provide a security hole in a deployed system. It is advisable for production systems to reconfigure VxWorks with only those components needed for deployed operation and to build it as the appropriate type of system image. It is recommended to remove host development components such as the WDB target agent and debugging components (INCLUDE_WDB and INCLUDE_DEBUG) as well as other operating system components that are not required to support customer applications. Consult the VxWorks Kernel Programmer\u0027s guide for more information on WDB.Additional information can be found in ICS-CERT advisory ICSA-10-214-01 and on the Metasploit Blog. An attacker can use the debug service to fully compromise the device. The hashing algorithm that is used in the standard authentication API for VxWorks is susceptible to collisions. An attacker can brute force a password by guessing a string that produces the same hash as a legitimate password. It is relatively easy to find a string that has the same hash value as a regular password.Authentication by attacker API (loginLib) May be used to access services using. The problem is CVE-2005-3804 May be related toBy a third party UDP An arbitrary memory area may be read or modified, a function call executed, or a task managed through a request to the port. VxWorks is an embedded real-time operating system. VxWorks has multiple security vulnerabilities that allow an attacker to bypass security restrictions and gain unauthorized access to the system. For example, when logging in with the default \u0027target/password\u0027, \u0027y{{{{{SS\u0027 will HASH out the same result as \u0027password\u0027. So you can use \u0027password\u0027 and \u0027y{{{{{SS\u0027 as the password to log in. Permissions and access control vulnerabilities exist in the WDB Target Agent Debugging Service in Wind River VxWorks 6.x, 5.x and earlier. VxWorks is prone to a remote security-bypass vulnerability. \nSuccessful exploits will allow remote attackers to perform debugging tasks on the vulnerable device. \nThe issue affects multiple products from multiple vendors that ship with the VxWorks operating system. \nNOTE: This issue was previously covered in BID 42114 (VxWorks Multiple Security Vulnerabilities) but has been separated into its own record to better document it. R7-0035: VxWorks Authentication Library Weak Password Hashing\nAugust 2, 2010\n\n-- Vulnerability Details:\nThis vulnerability allows remote attackers to bypass the authentication\nprocess for the Telnet and FTP services of the VxWorks operating system. \nThis flaw occurs due to an insecure password hashing implementation in\nthe authentication library (loginLib) of the VxWorks operating system. \nRegardless of what password is set for a particular account, there are a\nonly small number (~210k) of possible hash outputs. Typical passwords\nconsisting of alphanumeric characters and symbols fall within an even\nsmaller range of hash outputs (~8k), making this trivial to brute force\nover the network. To excaberate matters, loginLib has no support for\naccount lockouts and the FTP daemon does not disconnect clients that\nconsistently fail to authenticate. This reduces the brute force time for\nthe FTP service to approximately 30 minutes. \n\nTo demonstrate the hash weakness, the password of \"insecure\" hashes to\nthe value \"Ry99dzRcy9\". The hashing algorithm itself is based on an additive sum\nwith a small XOR operation. The resulting sums are then transformed to a\nprintable string, but the range of possible intermediate values is\nlimited and mostly sequential. The entire collision table has been\nprecomputed and will be released in early September as an input file for\ncommon brute force tools. More information about the hashing algorithm\nitself is available at the Metasploit blog post below:\n\n http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html\n\nThere are three requirements for this vulnerability to be exploited:\n\n * The device must be running at least one service that uses loginLib\nfor authentication. Telnet and FTP do so by default. \n\n * A valid username must be known to the attacker. This is usually easy\nto determine through product manuals or a cursory review of the firmware\nbinaries. \n\nA typical VxWorks device will meet all three requirements by default,\nbut customization by the device manufacturer may preclude this from\nbeing exploited. In general, if the device displays a VxWorks banner for\nTelnet or FTP, it is more than likely vulnerable. \n\n-- Vendor Response:\nWind River Systems has notified their customers of the issue and\nsuggested that each downstream vendor replace the existing hash\nimplementation with SHA512 or SHA256. The exact extent of the\nvulnerability and the complete list of affected devices is not known at\nthis time. Example code from Wind River Systems has been supplied to\nCERT and is included in the advisory below:\n\n http://www.kb.cert.org/vuls/id/840249\n\n-- Disclosure Timeline:\n2009-06-02 - Vulnerability reported to CERT for vendor notification\n2009-08-02 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by HD Moore\n\n-- About Rapid7 Security\nRapid7 provides vulnerability management, compliance and penetration\ntesting solutions for Web application, network and database security. In\naddition to developing the NeXpose Vulnerability Management system,\nRapid7 manages the Metasploit Project and is the primary sponsor of the\nW3AF web assessment tool. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.rapid7.com/disclosure.jsp\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2965"
},
{
"db": "CERT/CC",
"id": "VU#362332"
},
{
"db": "CERT/CC",
"id": "VU#840249"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001882"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005612"
},
{
"db": "CNVD",
"id": "CNVD-2010-1489"
},
{
"db": "CNVD",
"id": "CNVD-2010-3891"
},
{
"db": "BID",
"id": "42158"
},
{
"db": "IVD",
"id": "bab59964-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d72f2c0-463f-11e9-98f5-000c29342cb1"
},
{
"db": "IVD",
"id": "7d738f00-463f-11e9-ac13-000c29342cb1"
},
{
"db": "IVD",
"id": "017253fa-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-45570"
},
{
"db": "PACKETSTORM",
"id": "92449"
}
],
"trust": 6.03
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/362332",
"trust": 0.8,
"type": "unknown"
},
{
"reference": "https://www.kb.cert.org/vuls/id/840249",
"trust": 0.8,
"type": "unknown"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#362332"
},
{
"db": "CERT/CC",
"id": "VU#840249"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#362332",
"trust": 4.8
},
{
"db": "NVD",
"id": "CVE-2010-2965",
"trust": 3.8
},
{
"db": "CERT/CC",
"id": "VU#840249",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-10-214-01",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-201008-029",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2010-1489",
"trust": 1.0
},
{
"db": "CNVD",
"id": "CNVD-2010-3891",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001882",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005612",
"trust": 0.8
},
{
"db": "BID",
"id": "42114",
"trust": 0.6
},
{
"db": "BID",
"id": "42158",
"trust": 0.4
},
{
"db": "IVD",
"id": "BAB59964-1FB2-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "7D72F2C0-463F-11E9-98F5-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "7D738F00-463F-11E9-AC13-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "017253FA-2356-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-45570",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92449",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "bab59964-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d72f2c0-463f-11e9-98f5-000c29342cb1"
},
{
"db": "IVD",
"id": "7d738f00-463f-11e9-ac13-000c29342cb1"
},
{
"db": "IVD",
"id": "017253fa-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#362332"
},
{
"db": "CERT/CC",
"id": "VU#840249"
},
{
"db": "CNVD",
"id": "CNVD-2010-1489"
},
{
"db": "CNVD",
"id": "CNVD-2010-3891"
},
{
"db": "VULHUB",
"id": "VHN-45570"
},
{
"db": "BID",
"id": "42158"
},
{
"db": "PACKETSTORM",
"id": "92449"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-029"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001882"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005612"
},
{
"db": "NVD",
"id": "CVE-2010-2965"
}
]
},
"id": "VAR-201008-0270",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "bab59964-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d72f2c0-463f-11e9-98f5-000c29342cb1"
},
{
"db": "IVD",
"id": "7d738f00-463f-11e9-ac13-000c29342cb1"
},
{
"db": "IVD",
"id": "017253fa-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1489"
},
{
"db": "CNVD",
"id": "CNVD-2010-3891"
},
{
"db": "VULHUB",
"id": "VHN-45570"
}
],
"trust": 2.52177709
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 2.0
}
],
"sources": [
{
"db": "IVD",
"id": "bab59964-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d72f2c0-463f-11e9-98f5-000c29342cb1"
},
{
"db": "IVD",
"id": "7d738f00-463f-11e9-ac13-000c29342cb1"
},
{
"db": "IVD",
"id": "017253fa-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1489"
},
{
"db": "CNVD",
"id": "CNVD-2010-3891"
}
]
},
"last_update_date": "2025-12-22T21:19:10.853000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://windriver.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.rockwellautomation.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://windriver.com/index.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001882"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005612"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-863",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-45570"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005612"
},
{
"db": "NVD",
"id": "CVE-2010-2965"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.kb.cert.org/vuls/id/362332"
},
{
"trust": 2.5,
"url": "https://support.windriver.com/olsportal/faces/maintenance/downloaddetails.jspx?contentid=033708"
},
{
"trust": 2.1,
"url": "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html"
},
{
"trust": 1.7,
"url": "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/mapg-86epfa"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/mapg-86fpql"
},
{
"trust": 1.6,
"url": "https://community.rapid7.com/community/metasploit/blog/2010/08/02/shiny-old-vxworks-vulnerabilities"
},
{
"trust": 1.6,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-10-214-01_vxworks_vulnerabilities.pdf"
},
{
"trust": 1.6,
"url": "http://blogs.windriver.com/chauhan/2010/08/vxworks-secure.html"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2025/jan/10"
},
{
"trust": 0.9,
"url": "http://www.kb.cert.org/vuls/id/840249"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20051116-7920.shtml"
},
{
"trust": 0.8,
"url": "http://seclists.org/vuln-dev/2002/may/179"
},
{
"trust": 0.8,
"url": "http://thesauceofutterpwnage.blogspot.com/2010/08/metasploit-vxworks-wdb-agent-attack.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/215.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/505.html"
},
{
"trust": 0.8,
"url": "https://support.windriver.com/olsportal/faces/maintenance/downloaddetails.jspx?contentid=033709"
},
{
"trust": 0.8,
"url": "http://newsoft-tech.blogspot.com/2010/09/follow-up-on-vxworks-issue.html"
},
{
"trust": 0.8,
"url": "http://cvk.posterous.com/how-to-crack-vxworks-password-hashes"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/798.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/327.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/916.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu840249"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/mapg-863qh9"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2965"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2965"
},
{
"trust": 0.6,
"url": "http://www.kb.cert.org/vuls/id/362332http"
},
{
"trust": 0.3,
"url": "http://download.schneider-electric.com/files?p_doc_ref=sevd%202013-345-01"
},
{
"trust": 0.3,
"url": "http://www.windriver.com/"
},
{
"trust": 0.3,
"url": "/archive/1/512825"
},
{
"trust": 0.1,
"url": "http://www.rapid7.com/disclosure.jsp"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#362332"
},
{
"db": "CERT/CC",
"id": "VU#840249"
},
{
"db": "CNVD",
"id": "CNVD-2010-1489"
},
{
"db": "CNVD",
"id": "CNVD-2010-3891"
},
{
"db": "VULHUB",
"id": "VHN-45570"
},
{
"db": "BID",
"id": "42158"
},
{
"db": "PACKETSTORM",
"id": "92449"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-029"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001882"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005612"
},
{
"db": "NVD",
"id": "CVE-2010-2965"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "bab59964-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d72f2c0-463f-11e9-98f5-000c29342cb1"
},
{
"db": "IVD",
"id": "7d738f00-463f-11e9-ac13-000c29342cb1"
},
{
"db": "IVD",
"id": "017253fa-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#362332"
},
{
"db": "CERT/CC",
"id": "VU#840249"
},
{
"db": "CNVD",
"id": "CNVD-2010-1489"
},
{
"db": "CNVD",
"id": "CNVD-2010-3891"
},
{
"db": "VULHUB",
"id": "VHN-45570"
},
{
"db": "BID",
"id": "42158"
},
{
"db": "PACKETSTORM",
"id": "92449"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-029"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001882"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005612"
},
{
"db": "NVD",
"id": "CVE-2010-2965"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-08-03T00:00:00",
"db": "IVD",
"id": "bab59964-1fb2-11e6-abef-000c29c66e3d"
},
{
"date": "2010-08-03T00:00:00",
"db": "IVD",
"id": "7d72f2c0-463f-11e9-98f5-000c29342cb1"
},
{
"date": "2010-08-05T00:00:00",
"db": "IVD",
"id": "7d738f00-463f-11e9-ac13-000c29342cb1"
},
{
"date": "2010-08-05T00:00:00",
"db": "IVD",
"id": "017253fa-2356-11e6-abef-000c29c66e3d"
},
{
"date": "2010-08-02T00:00:00",
"db": "CERT/CC",
"id": "VU#362332"
},
{
"date": "2010-08-02T00:00:00",
"db": "CERT/CC",
"id": "VU#840249"
},
{
"date": "2010-08-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1489"
},
{
"date": "2010-08-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-3891"
},
{
"date": "2010-08-05T00:00:00",
"db": "VULHUB",
"id": "VHN-45570"
},
{
"date": "2010-08-02T00:00:00",
"db": "BID",
"id": "42158"
},
{
"date": "2010-08-03T18:01:12",
"db": "PACKETSTORM",
"id": "92449"
},
{
"date": "2010-08-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201008-029"
},
{
"date": "2010-08-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001882"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005612"
},
{
"date": "2010-08-05T13:22:29.793000",
"db": "NVD",
"id": "CVE-2010-2965"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-02T00:00:00",
"db": "CERT/CC",
"id": "VU#362332"
},
{
"date": "2014-06-02T00:00:00",
"db": "CERT/CC",
"id": "VU#840249"
},
{
"date": "2010-08-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1489"
},
{
"date": "2010-08-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-3891"
},
{
"date": "2010-08-05T00:00:00",
"db": "VULHUB",
"id": "VHN-45570"
},
{
"date": "2015-03-19T08:47:00",
"db": "BID",
"id": "42158"
},
{
"date": "2022-08-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201008-029"
},
{
"date": "2010-08-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001882"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005612"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2010-2965"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201008-029"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wind River Systems VxWorks debug service enabled by default",
"sources": [
{
"db": "CERT/CC",
"id": "VU#362332"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201008-029"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…