CVE-2010-2965 - Vulnerability Details - OpenCVE

The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact total

Vendors	Products
Rockwellautomation	1756-enbt\/a 1756-enbt\/a Firmware
Windriver	Vxworks

Configuration 1 [-]

AND

OR	cpe:2.3:o:rockwellautomation:1756-enbt\/a_firmware:3.2.6:::::::*
	cpe:2.3:o:rockwellautomation:1756-enbt\/a_firmware:3.6.1:::::::*
	cpe:2.3:o:windriver:vxworks::::::::

cpe:2.3:h:rockwellautomation:1756-enbt\/a:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html
http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735
http://seclists.org/fulldisclosure/2025/Jan/10
http://www.kb.cert.org/vuls/id/362332
http://www.kb.cert.org/vuls/id/MAPG-86EPFA
http://www.kb.cert.org/vuls/id/MAPG-86FPQL
https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708

History

Thu, 28 May 2026 19:30:00 +0000

Type	Values Removed	Values Added
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}` ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 28 Jan 2025 02:45:00 +0000

Type	Values Removed	Values Added
References		http://seclists.org/fulldisclosure/2025/Jan/10

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-08-04T21:00:00.000Z

Updated: 2026-05-28T18:59:40.978Z

Reserved: 2010-08-04T00:00:00.000Z

Link: CVE-2010-2965

Vulnrichment

Updated: 2025-01-28T01:29:35.456Z

NVD

Status : Modified

Published: 2010-08-05T13:22:29.793

Modified: 2026-05-28T20:16:17.883

Link: CVE-2010-2965

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2010-08-04T21:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.kb.cert.org/vuls/id/MAPG-86FPQL"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735"}, {"name": "VU#362332", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/362332"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kb.cert.org/vuls/id/MAPG-86EPFA"}, {"tags": ["x_refsource_MISC"], "url": "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-2965", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.kb.cert.org/vuls/id/MAPG-86FPQL", "refsource": "CONFIRM", "url": "http://www.kb.cert.org/vuls/id/MAPG-86FPQL"}, {"name": "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735", "refsource": "CONFIRM", "url": "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735"}, {"name": "VU#362332", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/362332"}, {"name": "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708", "refsource": "CONFIRM", "url": "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708"}, {"name": "http://www.kb.cert.org/vuls/id/MAPG-86EPFA", "refsource": "CONFIRM", "url": "http://www.kb.cert.org/vuls/id/MAPG-86EPFA"}, {"name": "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", "refsource": "MISC", "url": "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html"}]}}}, "adp": [{"title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/MAPG-86FPQL"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735"}, {"name": "VU#362332", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/362332"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/MAPG-86EPFA"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html"}, {"url": "http://seclists.org/fulldisclosure/2025/Jan/10"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-01-28T01:29:35.456Z"}}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-863", "lang": "en", "description": "CWE-863 Incorrect Authorization"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-05-28T18:58:18.242701Z", "id": "CVE-2010-2965", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-28T18:59:40.978Z"}}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-2965", "datePublished": "2010-08-04T21:00:00.000Z", "dateReserved": "2010-08-04T00:00:00.000Z", "dateUpdated": "2026-05-28T18:59:40.978Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.kb.cert.org/vuls/id/MAPG-86FPQL", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://www.kb.cert.org/vuls/id/362332", "name": "VU#362332", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"]}, {"url": "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://www.kb.cert.org/vuls/id/MAPG-86EPFA", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2025/Jan/10"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-01-28T01:29:35.456Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2010-2965", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-05-28T18:58:18.242701Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-28T18:58:14.425Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "http://www.kb.cert.org/vuls/id/MAPG-86FPQL", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://www.kb.cert.org/vuls/id/362332", "name": "VU#362332", "tags": ["third-party-advisory", "x_refsource_CERT-VN"]}, {"url": "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://www.kb.cert.org/vuls/id/MAPG-86EPFA", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2010-08-04T21:00:00.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "n/a"}]}, "product_name": "n/a"}]}, "vendor_name": "n/a"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "http://www.kb.cert.org/vuls/id/MAPG-86FPQL", "name": "http://www.kb.cert.org/vuls/id/MAPG-86FPQL", "refsource": "CONFIRM"}, {"url": "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735", "name": "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735", "refsource": "CONFIRM"}, {"url": "http://www.kb.cert.org/vuls/id/362332", "name": "VU#362332", "refsource": "CERT-VN"}, {"url": "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708", "name": "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708", "refsource": "CONFIRM"}, {"url": "http://www.kb.cert.org/vuls/id/MAPG-86EPFA", "name": "http://www.kb.cert.org/vuls/id/MAPG-86EPFA", "refsource": "CONFIRM"}, {"url": "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", "name": "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2010-2965", "STATE": "PUBLIC", "ASSIGNER": "cve@mitre.org"}}}}, "cveMetadata": {"cveId": "CVE-2010-2965", "state": "PUBLISHED", "dateUpdated": "2026-05-28T18:59:40.978Z", "dateReserved": "2010-08-04T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2010-08-04T21:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-enbt\\/a_firmware:3.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "22C36961-F714-459C-ADF9-107C8EE99115", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:1756-enbt\\/a_firmware:3.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4B6FA17-2C3D-45F8-B327-8760DD3757CF", "vulnerable": true}, {"criteria": "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F579A94-D4C9-4A16-9A1A-DE62C6F6ADC9", "versionEndIncluding": "6.9.4.12", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-enbt\\/a:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A3DE5C9-82F9-4D92-B735-D85816EE8557", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804."}, {"lang": "es", "value": "El servicio WDB target agent debug en Wind River VxWorks v6.x, v5.x, y anteriores, como los usados en el Rockwell Automation 1756-ENBT serie A con firmware v3.2.6 y v3.6.1 y otros productos, permiten a atacantes remotos leer o modificar a su elecci\u00f3n direcciones de memoria, realizar llamdas a funciones, o administrar tareas a trav\u00e9s de peticiones UDP al puerto 17185, relacionado con el comportamiento de CVE-2005-3804."}], "id": "CVE-2010-2965", "lastModified": "2026-05-28T20:16:17.883", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2010-08-05T13:22:29.793", "references": [{"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html"}, {"source": "cve@mitre.org", "tags": ["Permissions Required"], "url": "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/362332"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/MAPG-86EPFA"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/MAPG-86FPQL"}, {"source": "cve@mitre.org", "tags": ["Permissions Required"], "url": "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/Jan/10"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/362332"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/MAPG-86EPFA"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/MAPG-86FPQL"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-863"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}