Back to search

VxWorks Remote Debug Service Exposed

Severity CVSS Published Added Modified
8 (AV:N/AC:L/Au:N/C:P/I:P/A:P) November 21, 2005 July 07, 2010 December 04, 2013

Description

Certain VxWorks-based products ship with the remote debugging service enabled. This service provides remote access to the processor and memory of the device, which can be abused by an attacker to compromise the device or gather sensitive information.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

  • Upgrade the device firmware to a fixed release

    Contact your vendor for an updated firmware version.

  • Restrict access to UDP port 17185

    Apply ACLs, firewall rules or otherwise restrict access to UDP port 17185.