CVE-2019-15877
CVE-2019-15877
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
28 Apr 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In FreeBSD 12.1-STABLE before r356606 and 12.1-RELEASE before 12.1-RELEASE-p3, driver specific ioctl command handlers in the ixl network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to trigger updates to the device's non-volatile memory.
Affected products
n/a · FreeBSDWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →