CVE-2019-15019

Name of the Vulnerable Software and Affected Versions Zingbox Inspector versions 1.294 and earlier

Description The issue exists due to insufficient input validation in the network traffic handler. This could allow a remote attacker to intercept and modify a software update package. An attacker may supply an invalid software update image to the Zingbox Inspector.

Recommendations For versions 1.294 and earlier, update to a version later than 1.294 to resolve the issue. As a temporary workaround, consider restricting access to the software update mechanism until a patch is available. Avoid using the vulnerable network traffic handler until the issue is resolved.