CVE-2024-28759
Description
A crafted network packet causes a buffer overrun in Wind River VxWorks 7 through 23.09, leading to potential denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability Overview
The vulnerability identified in CVE-2024-28759 is a buffer overrun that can be triggered by sending a specially crafted network packet to a system running Wind River VxWorks versions 7 through 23.09 [1]. The root cause is a flaw in how the network stack processes incoming data: it fails to properly validate packet boundaries, allowing an overrun condition to occur.
Attack Vector and Prerequisites
To exploit this vulnerability, an attacker must be able to send a crafted network packet to the target VxWorks device [2]. No authentication is required, and the attack can be performed remotely over the network [1]. The complexity is low, but the attack requires the capability to transmit a specially designed packet to the target system.
Impact
A successful exploit results in a buffer overrun, which can cause the affected device to crash or behave unexpectedly [1]. This primarily leads to a denial of service (DoS) condition, impacting availability of the system. Given VxWorks' use in mission-critical and real-time systems [1], such an outage could have significant operational consequences.
Mitigation
Wind River has provided security updates and guidance for this vulnerability [2]. Users should apply the recommended patches or upgrades to mitigate the risk. The vulnerability has a CVSS v3 base score of 4.3 (Medium severity) [2], and while no public exploitation has been reported, timely patching is advised.
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0. No patches discovered yet.
References: 2
News mentions: 0. No linked articles in our index yet.