ICSA-19-274-01 (Published 2024-09-24)
Interpeak IPnet TCP/IP Stack (Update E)
CVSS 9.8 CRITICAL
Risk Summary
Successful exploitation of these vulnerabilities could allow remote code execution.
CVEs (11)
Remediations
- Enea has no IPNet customers on support contract in the United States.
- Green Hills Software has proactively informed affected users and offers consulting services to implement mitigations.
- Microsoft states they have no history of support or integration work to include IPnet and have not released a version of ThreadX bundled with IPnet. Microsoft does caution that some hardware makers could have used ThreadX and a custom-set IPnet in the hardware.
- TRON Forum reports they only publish the specification for ITRON RTOS. Various implementations are used by many users worldwide and are created by various implementors (some commercial, some academic and some government) according to the specification document. TRON Forum, the caretaker of the ITRON specification, has not endorsed the use of any particular TCP/IP stack, including the one from Interpeak. The choice of TCP/IP stack is up to the RTOS vendor and application developers, and thus each application user needs to check whether the TCP/IP stack developed by Interpeak is used inside their application. TRON Forum will send out a preliminary warning to members by mailing list to notify implementors of the reported vulnerabilities.
- ZebOS by IP Infusion has not yet responded to CISA inquiries.
- Wind River has identified the following specific workarounds and mitigations users can apply to reduce risk:
  - All affected products: To obtain patches, email [email protected] and indicate the VxWorks major version for which you need source patches.
  - All affected products: For more detailed information on the vulnerabilities and the mitigating controls, please see the Wind River advisory at: https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/
- Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:
  - ABB
  - Avaya
  - Belden Industrial Devices
  - ExtremeNetworks
  - IDEC Corporation
  - Mitsubishi Electric
  - NetApp
  - Rockwell Automation
  - Schneider Electric
  - Siemens (Power Meters)
  - Siemens (RUGGEDCOM)
  - Siemens (SIPROTEC 5)
  - Sonicwall Firewalls
  - TrendMicro IPS
  - Woodward
  - Xerox Printers
  - Xylem
Affected Vendors
ENEA
Green Hills Software
Wind River
Affected Products (14)
ENEA
- OSE: OSE4
- OSE: OSE5
Green Hills Software
- INTEGRITY RTOS: >=2003|<=2006
Wind River
- VxWorks under CURRENT support (6.9.4.11, Vx7 SR540, Vx7 SR610): vers:all/*
- VxWorks: >=6.5
- VxWorks bootrom network stack: vers:all/*
- VxWorks 653: MCE_3.x
- Advanced Networking Technology (ANT): vers:all/*
- Interpeak IPnet TCP/IP Stack: vers:all/*
- VxWorks: 7_SR620
- VxWorks: >=5.3|<=6.4
- VxWorks Cert: vers:all/*
- VxWorks 653: <=2.x
- VxWorks 653: >=MCE_3.x_Cert_Edition
Affected Sectors
Critical Manufacturing, Information Technology, Healthcare and Public Health, Transportation Systems, Water and Wastewater Systems