CVE-2019-10949
CVE-2019-10949
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 2.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
17 abr 2019Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple out-of-bounds read vulnerabilities may be exploited, allowing information disclosure due to a lack of user input validation for processing specially crafted project files.
Productos afectados
n/a · Delta Industrial Automation CNCSoft¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://ics-cert.us-cert.gov/advisories/ICSA-19-106-01https://www.zerodayinitiative.com/advisories/ZDI-19-406/https://www.zerodayinitiative.com/advisories/ZDI-19-407/https://www.zerodayinitiative.com/advisories/ZDI-19-409/https://www.zerodayinitiative.com/advisories/ZDI-19-411/https://www.zerodayinitiative.com/advisories/ZDI-19-412/https://www.zerodayinitiative.com/advisories/ZDI-19-413/https://www.zerodayinitiative.com/advisories/ZDI-19-414/https://www.zerodayinitiative.com/advisories/ZDI-19-415/https://www.zerodayinitiative.com/advisories/ZDI-19-416/https://www.zerodayinitiative.com/advisories/ZDI-19-418/https://www.zerodayinitiative.com/advisories/ZDI-19-419/