San Shin Jung

**Name of the Vulnerable Software and Affected Versions** Wind River VxWorks versions prior to 5.5.1 Wind River VxWorks versions 6.5.x through 6.7.x before 6.7.1.1 Wind River VxWorks versions 6.8.x before 6.8.3 Wind River VxWorks versions 6.9.x before 6.9.4.4 Wind River VxWorks versions 7.x before 7 **Description** The issue is related to the improper generation of TCP initial sequence number (ISN) values, making it easier for remote attackers to spoof TCP sessions by predicting an ISN value. **Recommendations** For versions prior to 5.5.1, update to version 5.5.1 or later. For versions 6.5.x through 6.7.x, update to version 6.7.1.1 or later. For versions 6.8.x, update to version 6.8.3 or later. For versions 6.9.x, update to version 6.9.4.4 or later. For versions 7.x, update to a version later than 7.

**Name of the Vulnerable Software and Affected Versions** GE Digital Energy Hydran M2 versions before 94450214LFMT100SEM-L.R3-CL **Description** The issue concerns the generation of random values for TCP Initial Sequence Numbers (ISNs) in the Ethernet card. Specifically, it does not properly generate these values, making it easier for remote attackers to spoof packets by predicting the ISNs. **Recommendations** For versions before 94450214LFMT100SEM-L.R3-CL, update to version 94450214LFMT100SEM-L.R3-CL or later to resolve the issue.