Exploit for Use of Externally-Controlled Format String in Ghs Integrity_Rtos
Details
CVSS v3
7.5
CVSS v2
5.0
NVD published
2019-03-26 01:29:00
EPSS
0.3% probability · 55.3th percentile — 2026-05-03
Affected versions
cpe:2.3:o:ghs:integrity_rtos:5.0.4:*:*:*:*:*:*:*
Summary
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. The undocumented shell command "prompt" sets the (user controlled) shell's prompt value, which is used as a format string input to printf, resulting in an information leak of memory addresses.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.