CVE-2019-10060

Name of the Vulnerable Software and Affected Versions: Verix Multi-app Conductor application version 2.7

Description: The issue allows attackers to execute arbitrary code via a long configuration key value, specifically through a buffer overflow. To exploit this, an attacker must have the capability to download files to the device.

Recommendations: For version 2.7, consider restricting access to configuration key values to prevent exploitation until a fix is available. As a temporary workaround, limit the ability to download files to the device to minimize the risk of exploitation.