← back
CVE-2019-5024

CVE-2019-5024

CVSS 7.6 HIGHEPSS 0.5%CWE-693
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.6EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
11 Apr 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A restricted environment escape vulnerability exists in the “kiosk mode” function of Capsule Technologies SmartLinx Neuron 2 medical information collection devices running versions 9.0.3 or lower. A specific series of keyboard inputs can escape the restricted environment, resulting in full administrator access to the underlying operating system. An attacker can connect to the device via USB port with a keyboard or other HID device to trigger this vulnerability.
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected products
Capsule Technologies · Capsule Technologies SmartLinx Neuron 2

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0785