PT-2019-18151 · Wecon · Wecon Levistudiou

Publicado

2019-01-29

Atualizado

2020-10-05

CVE-2019-6539

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions WECON LeviStudioU versions 1.8.56 and prior

Description Several heap-based buffer overflow issues have been identified, which may allow arbitrary code execution. These issues were reported by Mat Powell, Ziad Badawi, and Natnael Samson working with Trend Micro's Zero Day Initiative. The vulnerabilities are related to remote code execution in various components of WECON LeviStudioU, including the addresslib PLC Driver, addresslib PLC Type, screendata Desc FigureFile, and screendata LaIndexID/TextContent.

Recommendations For WECON LeviStudioU versions 1.8.56 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Heap Based Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787CWE-122

Identificadores relacionados

CVE-2019-6539

ZDI-19-146

ZDI-19-147

ZDI-19-149

ZDI-19-150

Produtos afetados

Wecon Levistudiou

PT-2019-18151 · Wecon · Wecon Levistudiou

CVE-2019-6539

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8