Wind River VxWorks SSH and Web Server and General Electric D20MX

CVSS 9.8 CRITICAL

CVEs (5)

CVE-2013-0711 CVE-2013-0713 CVE-2013-0714 CVE-2013-0715 CVE-2013-0716

According to Wind River, software patches for these vulnerabilities are available for all affected VxWorks versions. Users interested in obtaining these patches should contact Wind River technical support for assistance. (http://windriver.com/support/ )
GE reports the vulnerabilities do not impact Version 1.7 or newer. To upgrade a D20MX to Version 1.8, users should follow the upgrade procedures: "TN0110 D20MX v1.8+ Upgrade Procedure" or "TN0111 D20MX v1.8+ Upgrade over Serial Procedure"
These are available for download from the tech support website: (http://sc.ge.com/*SASTechSupport) > Substation Automation > D20MX > Firmware v1.80 > Documentation.

Wind River; GE

Wind River; GE · VxWorks >=5.5|<=6.9

Wind River; GE · VxWorks >=6.5|<=6.9

Wind River; GE · GE D20MX >=v1.0|<=1.6.2

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.