← voltar
CVE-2019-5024

CVE-2019-5024

CVSS 7.6 HIGHEPSS 0.5%CWE-693
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7.6EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
11 abr 2019Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A restricted environment escape vulnerability exists in the “kiosk mode” function of Capsule Technologies SmartLinx Neuron 2 medical information collection devices running versions 9.0.3 or lower. A specific series of keyboard inputs can escape the restricted environment, resulting in full administrator access to the underlying operating system. An attacker can connect to the device via USB port with a keyboard or other HID device to trigger this vulnerability.
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Produtos afetados
Capsule Technologies · Capsule Technologies SmartLinx Neuron 2

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0785