eltricos

## 20190730-TLP-WHITE_URGENT11_VxWorks.MD

      
              1 file
            
          
              2 forks
            
          
              8 comments
            
          
              14 stars
            
          
                SwitHak
                / 20190730-TLP-WHITE_URGENT11_VxWorks.MD
            
            
              Last active
              June 5, 2020 08:12
            
              
                Tracking vendors responses to URGENT/11 VxWorks vulnerabilities (Last updated: 2020-02-21 1019 UTC)
              
          
    Advisory (URGENT/11)

UPDATE (2019-10-02 1241 UTC)

General

Armis released new information about the vulnerabilities scope. The vulnerabilities impact more RTOS than expected.
IP Stacks backstory


Some of the vulnerabilities discovered by Armis doesn't resides in VxWorks RTOS but in one part of it, the IP stack. This IP stack named IPNET stack comes from Interpeak AB, a company acquired by Wind River the editor of VxWorks RTOS, the 20th March 2006.
Before been acquired by Wind River, the Interpeak AB company sold IP stacks to several customers of them. Interpeak AB sold 2 major IP stacks named IPNET & IPLITE, IPLITE is a light version of IPNET.