Yevhen Stasiv yevhenstasiv

## 20190730-TLP-WHITE_URGENT11_VxWorks.MD

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                yevhenstasiv
                / 20190730-TLP-WHITE_URGENT11_VxWorks.MD
            
            
              Created
              December 23, 2019 08:12
                — forked from SwitHak/20190730-TLP-WHITE_URGENT11_VxWorks.MD
            
              
                Tracking vendors responses to URGENT/11 VxWorks vulnerabilities (Last updated: 2019-12-10 2251 UTC)
              
          
    Advisory (URGENT/11)

UPDATE (2019-10-02 1241 UTC)

General

Armis released new information about the vulnerabilities scope. The vulnerabilities impact more RTOS than expected.
IP Stacks backstory


Some of the vulnerabilities discovered by Armis doesn't resides in VxWorks RTOS but in one part of it, the IP stack. This IP stack named IPNET stack comes from Interpeak AB, a company acquired by Wind River the editor of VxWorks RTOS, the 20th March 2006.
Before been acquired by Wind River, the Interpeak AB company sold IP stacks to several customers of them. Interpeak AB sold 2 major IP stacks named IPNET & IPLITE, IPLITE is a light version of IPNET.