CVE-2019-12259

Name of the Vulnerable Software and Affected Versions Wind River VxWorks versions 6.6 through 6.9 and vx7

Description The issue is related to an array index error in the IGMPv3 client component, which can lead to a denial of service (DoS) via NULL dereference in IGMP parsing. This can be exploited by a remote attacker to cause a service disruption.

Recommendations For versions 6.6 through 6.9 and vx7, consider disabling the IGMPv3 client component as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.