PT-2019-18144 · Panasonic · Panasonic Fpwin Pro

Publicado

2019-06-07

Atualizado

2020-10-06

CVE-2019-6532

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Panasonic FPWIN Pro version 7.3.0.0 and prior

Description The issue allows an attacker-created project file to be loaded by an authenticated user, triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution.

Recommendations For Panasonic FPWIN Pro version 7.3.0.0 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Type Confusion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-843

Identificadores relacionados

CVE-2019-6532

ZDI-19-566

ZDI-19-568

ZDI-19-570

Produtos afetados

Panasonic Fpwin Pro

PT-2019-18144 · Panasonic · Panasonic Fpwin Pro

CVE-2019-6532

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7