CVE-2010-2965 - Vulnerability Details - OpenCVE

The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Rockwellautomation	1756-enbt\/a 1756-enbt\/a Firmware
Windriver	Vxworks

Configuration 1 [-]

AND

OR	cpe:2.3:o:rockwellautomation:1756-enbt\/a_firmware:3.2.6:::::::*
	cpe:2.3:o:rockwellautomation:1756-enbt\/a_firmware:3.6.1:::::::*
	cpe:2.3:o:windriver:vxworks::::::::

cpe:2.3:h:rockwellautomation:1756-enbt\/a:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html
http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735
http://seclists.org/fulldisclosure/2025/Jan/10
http://www.kb.cert.org/vuls/id/362332
http://www.kb.cert.org/vuls/id/MAPG-86EPFA
http://www.kb.cert.org/vuls/id/MAPG-86FPQL
https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708

History

Tue, 28 Jan 2025 02:45:00 +0000

Type	Values Removed	Values Added
References		http://seclists.org/fulldisclosure/2025/Jan/10

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-08-04T21:00:00.000Z

Updated: 2025-01-28T01:29:35.456Z

Reserved: 2010-08-04T00:00:00.000Z

Link: CVE-2010-2965

Vulnrichment

No data.

NVD

Status : Modified

Published: 2010-08-05T13:22:29.793

Modified: 2025-01-28T02:15:27.843

Link: CVE-2010-2965

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2010-08-04T21:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.kb.cert.org/vuls/id/MAPG-86FPQL"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735"}, {"name": "VU#362332", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/362332"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kb.cert.org/vuls/id/MAPG-86EPFA"}, {"tags": ["x_refsource_MISC"], "url": "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-2965", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.kb.cert.org/vuls/id/MAPG-86FPQL", "refsource": "CONFIRM", "url": "http://www.kb.cert.org/vuls/id/MAPG-86FPQL"}, {"name": "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735", "refsource": "CONFIRM", "url": "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735"}, {"name": "VU#362332", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/362332"}, {"name": "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708", "refsource": "CONFIRM", "url": "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708"}, {"name": "http://www.kb.cert.org/vuls/id/MAPG-86EPFA", "refsource": "CONFIRM", "url": "http://www.kb.cert.org/vuls/id/MAPG-86EPFA"}, {"name": "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", "refsource": "MISC", "url": "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html"}]}}}, "adp": [{"title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/MAPG-86FPQL"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735"}, {"name": "VU#362332", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/362332"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/MAPG-86EPFA"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html"}, {"url": "http://seclists.org/fulldisclosure/2025/Jan/10"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-01-28T01:29:35.456Z"}}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-2965", "datePublished": "2010-08-04T21:00:00.000Z", "dateReserved": "2010-08-04T00:00:00.000Z", "dateUpdated": "2025-01-28T01:29:35.456Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-enbt\\/a_firmware:3.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "22C36961-F714-459C-ADF9-107C8EE99115", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:1756-enbt\\/a_firmware:3.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4B6FA17-2C3D-45F8-B327-8760DD3757CF", "vulnerable": true}, {"criteria": "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F579A94-D4C9-4A16-9A1A-DE62C6F6ADC9", "versionEndIncluding": "6.9.4.12", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-enbt\\/a:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A3DE5C9-82F9-4D92-B735-D85816EE8557", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804."}, {"lang": "es", "value": "El servicio WDB target agent debug en Wind River VxWorks v6.x, v5.x, y anteriores, como los usados en el Rockwell Automation 1756-ENBT serie A con firmware v3.2.6 y v3.6.1 y otros productos, permiten a atacantes remotos leer o modificar a su elecci\u00f3n direcciones de memoria, realizar llamdas a funciones, o administrar tareas a trav\u00e9s de peticiones UDP al puerto 17185, relacionado con el comportamiento de CVE-2005-3804."}], "id": "CVE-2010-2965", "lastModified": "2025-01-28T02:15:27.843", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-08-05T13:22:29.793", "references": [{"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html"}, {"source": "cve@mitre.org", "tags": ["Permissions Required"], "url": "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/362332"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/MAPG-86EPFA"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/MAPG-86FPQL"}, {"source": "cve@mitre.org", "tags": ["Permissions Required"], "url": "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/Jan/10"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/362332"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/MAPG-86EPFA"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/MAPG-86FPQL"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}]}