.Net · Tinywall · CVE-2019-19470
**Name of the Vulnerable Software and Affected Versions**
TinyWall versions prior to 2.1.13
**Description**
The issue arises from the unsafe usage of .NET deserialization in Named Pipe message processing, allowing a local attacker to escalate privileges to NT AUTHORITYSYSTEM.
**Recommendations**
For versions prior to 2.1.13, update to version 2.1.13 to resolve the issue.