{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Versions de ThreadX qui utilisent la pile r\u00e9seau IPnet","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"VxWorks versions 6.5 \u00e0 6.9","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Versions de VxWorks qui utilisent la pile r\u00e9seau Interpeak","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Versions de ZebOS qui utilisent la pile r\u00e9seau IPnet","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Versions de INTEGRITY qui utilisent la pile r\u00e9seau IPnet","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Versions de OSE (Operating System Embedded) qui utilisent la pile r\u00e9seau IPnet","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Versions de Nucleus RTOS qui utilisent la pile r\u00e9seau IPnet","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"VxWorks version 7 (SR540 et SR610)","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2019-12256","url":"https://www.cve.org/CVERecord?id=CVE-2019-12256"},{"name":"CVE-2019-12264","url":"https://www.cve.org/CVERecord?id=CVE-2019-12264"},{"name":"CVE-2019-12258","url":"https://www.cve.org/CVERecord?id=CVE-2019-12258"},{"name":"CVE-2019-12259","url":"https://www.cve.org/CVERecord?id=CVE-2019-12259"},{"name":"CVE-2019-12261","url":"https://www.cve.org/CVERecord?id=CVE-2019-12261"},{"name":"CVE-2019-12263","url":"https://www.cve.org/CVERecord?id=CVE-2019-12263"},{"name":"CVE-2019-12257","url":"https://www.cve.org/CVERecord?id=CVE-2019-12257"},{"name":"CVE-2019-12260","url":"https://www.cve.org/CVERecord?id=CVE-2019-12260"},{"name":"CVE-2019-12262","url":"https://www.cve.org/CVERecord?id=CVE-2019-12262"},{"name":"CVE-2019-12255","url":"https://www.cve.org/CVERecord?id=CVE-2019-12255"},{"name":"CVE-2019-12265","url":"https://www.cve.org/CVERecord?id=CVE-2019-12265"}],"links":[],"reference":"CERTFR-2019-AVI-367","revisions":[{"description":"Version initiale","revision_date":"2019-08-01T00:00:00.000000"},{"description":"Informations compl\u00e9mentaires sur les syst\u00e8mes impact\u00e9s","revision_date":"2019-10-02T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans la pile r\u00e9seau\nIPnet (utilis\u00e9e notamment par Wind River VxWorks). Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et un\nd\u00e9ni de service \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans la pile TCP/IP IPnet","vendor_advisories":[{"published_at":null,"title":"Communiqu\u00e9 de presse Armis du 1 octobre 2019","url":"https://www.armis.com/resources/iot-security-blog/urgent-11-update/"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Wind River du 29 juillet 2019","url":"https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Wind River du 25 juillet 2019","url":"https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/security-advisory-ipnet/security-advisory-ipnet.pdf?v2"}]}