PT-2019-13404 · Horner Automation · Cscape

Francis Provencher

Publicado

2019-10-18

Atualizado

2020-10-09

CVE-2019-13541

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Horner Automation Cscape versions 9.90 and prior

Description An improper input validation issue has been identified that may be exploited by processing files lacking user input validation. This may allow an attacker to access information and remotely execute arbitrary code.

Recommendations For versions 9.90 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20CWE-787

Identificadores relacionados

CVE-2019-13541

ZDI-19-902

Produtos afetados

Cscape

PT-2019-13404 · Horner Automation · Cscape

CVE-2019-13541

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4