Unrated severityNVD Advisory· Published Aug 5, 2010· Updated Apr 29, 2026

CVE-2010-2968

Description

The FTP daemon in Wind River VxWorks does not close the TCP connection after a number of failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.

Affected products

Windriver/Vxworks5 versions
cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*range: <=6.8
- cpe:2.3:o:windriver:vxworks:5:*:*:*:*:*:*:*
- cpe:2.3:o:windriver:vxworks:5.5:*:*:*:*:*:*:*
- cpe:2.3:o:windriver:vxworks:6:*:*:*:*:*:*:*
- cpe:2.3:o:windriver:vxworks:6.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

blog.metasploit.com/2010/08/vxworks-vulnerabilities.htmlnvdExploit

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000