CVE-2025-26500

Summary

: Uncontrolled Resource Consumption vulnerability in Wind River Systems VxWorks 7 on VxWorks allows Excessive Allocation.  

Specifically crafted USB packets may lead to the system becoming unavailable

This issue affects VxWorks 7: from 22.06 through 24.03.

Affected Software

VendorProductVersion RangeStatus
Wind River SystemsVxWorks 722.06 <= 24.03affected

Weaknesses

  • CWE-400: CWE-400: Uncontrolled Resource Consumption

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References