NVD Vulnerability Detail

CVE-2022-38767

Summary	An issue was discovered in Wind River VxWorks 6.9 and 7, that allows a specifically crafted packet sent by a Radius server, may cause Denial of Service during the IP Radius access procedure.
Summary	Se descubrió un problema en Wind River VxWorks 6.9 y 7, que permite que un paquete específicamente manipulado enviado por un servidor Radius pueda causar denegación de servicio durante el procedimiento de acceso a IP Radius.
Publication Date	Nov. 26, 2022, 12:15 a.m.
Registration Date	Nov. 26, 2022, 10 a.m.
Last Update	April 14, 2026, 7:16 p.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:windriver:vxworks::::::::	6.9			6.9.4.12
cpe:2.3:o:windriver:vxworks:6.9.4.12:-::::::
cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer1::::::
cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer2::::::
cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer3::::::
cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer4::::::
cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer5::::::
cpe:2.3:o:windriver:vxworks:7.0:::::::*

Related information, measures and tools

No	URL	refsource
1	https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2022-38767	cve@mitre.org
2	https://windriver.com	cve@mitre.org
3	https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2022-38767	af854a3a-2127-422b-91ae-364da2661108
4	https://windriver.com	af854a3a-2127-422b-91ae-364da2661108
5	https://cert-portal.siemens.com/productcert/html/ssa-726834.html	0b142b55-0307-4c5a-b3c9-f314f3fb7c5e

Common Vulnerabilities List

JVN Vulnerability Information

ウインドリバー株式会社の VxWorks における脆弱性

Title	ウインドリバー株式会社の VxWorks における脆弱性
Summary	ウインドリバー株式会社の VxWorks には、不特定の脆弱性が存在します。
Possible impacts	サービス運用妨害 (DoS) 状態にされる可能性があります。
Solution	ベンダアドバイザリまたはパッチ情報が公開されています。参考情報を参照して適切な対策を実施してください。
Publication Date	Nov. 25, 2022, midnight
Registration Date	Nov. 14, 2023, 5:15 p.m.
Last Update	Nov. 14, 2023, 5:15 p.m.

Affected System

ウインドリバー株式会社

VxWorks 6.9 以上 6.9.4.12 未満

VxWorks 6.9.4.12

VxWorks 7.0

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2022-38767	https://www.cve.org/CVERecord?id=CVE-2022-38767
National Vulnerability Database (NVD)
2	CVE-2022-38767	https://nvd.nist.gov/vuln/detail/CVE-2022-38767

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-noinfo	https://www.ipa.go.jp/security/vuln/scap/cwe.html

その他

No	Name	URL
ICS-CERT ADVISORY
1	ICSA-23-080-04	https://www.cisa.gov/news-events/ics-advisories/icsa-23-080-04
JVN
2	JVNVU#99752892	https://jvn.jp/vu/JVNVU99752892/
関連文書
3	support2.windriver.com (index.php?page=cve&on=view&id=CVE-2022-38767)	https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2022-38767
4	windriver.com	https://windriver.com

Change Log

No	Changed Details	Date of change
1	[2023年11月14日] 掲載	Nov. 14, 2023, 5:15 p.m.

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:windriver:vxworks::::::::	6.9			6.9.4.12
cpe:2.3:o:windriver:vxworks:6.9.4.12:-::::::
cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer1::::::
cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer2::::::
cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer3::::::
cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer4::::::
cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer5::::::
cpe:2.3:o:windriver:vxworks:7.0:::::::*