← voltar
CVE-2019-10947

CVE-2019-10947

EPSS 3.7%CWE-121
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 3.7%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
17 abr 2019Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. This may occur because CNCSoft lacks user input validation before copying data from project files onto the stack.
Produtos afetados
n/a · Delta Industrial Automation CNCSoft

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://ics-cert.us-cert.gov/advisories/ICSA-19-106-01https://www.zerodayinitiative.com/advisories/ZDI-19-399/https://www.zerodayinitiative.com/advisories/ZDI-19-400/https://www.zerodayinitiative.com/advisories/ZDI-19-401/https://www.zerodayinitiative.com/advisories/ZDI-19-402/https://www.zerodayinitiative.com/advisories/ZDI-19-403/https://www.zerodayinitiative.com/advisories/ZDI-19-404/https://www.zerodayinitiative.com/advisories/ZDI-19-410/https://www.zerodayinitiative.com/advisories/ZDI-19-417/http://www.securityfocus.com/bid/107989