CVE-2022-23937

Name of the Vulnerable Software and Affected Versions Wind River VxWorks versions 6.9 through 7

Description The issue is related to an out-of-bounds read during an IKE initial exchange scenario, which can be triggered by a specifically crafted packet. This may allow a remote attacker to cause a denial of service or gain access to confidential information.

Recommendations For Wind River VxWorks versions 6.9 through 7, update to a version that includes a fix for this issue, as no specific workaround is provided in the available information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.