Vulnerability CVE-2019-6541

Vulnerability CVE-2019-6541

Published: 2019-02-12 Modified: 2019-02-13

Description:

A memory corruption vulnerability has been identified in WECON LeviStudioU version 1.8.56 and prior, which may allow arbitrary code execution. Mat Powell, Ziad Badawi, and Natnael Samson working with Trend Micro's Zero Day Initiative, reported these vulnerabilities to NCCIC.

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.8/10	6.4/10	8.6/10

Exploit range	Attack complexity	Authentication
Remote	Medium	No required
Confidentiality impact	Integrity impact	Availability impact
Partial	Partial	Partial

Affected software
We-con -> Levistudiou

References:

http://www.securityfocus.com/bid/106861

https://ics-cert.us-cert.gov/advisories/ICSA-19-036-03

Copyright 2024, cxsecurity.com