Wind River Information for VU#498440

Multiple TCP/IP implementations may use statistically predictable initial sequence numbers

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

None

Addendum

Multiple versions of VxWorks generate TCP ISNs in a predictable way. For more information, see ICS-CERT Advisory ICSA-15-169-01. Wind River, sometimes called Wind River Systems, is a wholly owned subsidiary of Intel. VxWorks is used in many OEM products, including Schneider Electric control systems equipment.

If you have feedback, comments, or additional information about this vulnerability, please send us email.