CVE-2019-10978

Name of the Vulnerable Software and Affected Versions Red Lion Controls Crimson versions 3.0 and prior Red Lion Controls Crimson version 3.1 prior to release 3112.00

Description The issue allows multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious input file that operates outside of the designated memory area, potentially leading to information disclosure, memory corruption, and remote code execution.

Recommendations For Red Lion Controls Crimson versions 3.0 and prior, update to a version later than 3.0 to resolve the issue. For Red Lion Controls Crimson version 3.1 prior to release 3112.00, update to release 3112.00 or later to resolve the issue.