← back
CVE-2019-18257

CVE-2019-18257

EPSS 2.8%CWE-121
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 2.8%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
17 Dec 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple stack-based buffer overflow vulnerabilities exist in the file transfer service listening on the TCP port. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code with the privileges of the user running DiagAnywhere Server.
Affected products
n/a · Advantech DiagAnywhere Server

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.us-cert.gov/ics/advisories/icsa-19-346-01