CVE-2019-8269

UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1207.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf	Third Party Advisory
https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-016-ultravnc-stack-based-buffer-overflow/	Third Party Advisory
https://www.us-cert.gov/ics/advisories/icsa-20-161-06	Third Party Advisory US Government Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf	Third Party Advisory
https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-016-ultravnc-stack-based-buffer-overflow/	Third Party Advisory
https://www.us-cert.gov/ics/advisories/icsa-20-161-06	Third Party Advisory US Government Resource

Configurations

Configuration 1 (hide)

cpe:2.3:a:uvnc:ultravnc:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:a:siemens:sinumerik_access_mymachine\/p2p::::::::
	cpe:2.3:a:siemens:sinumerik_pcu_base_win10_software\/ipc::::::::
	cpe:2.3:a:siemens:sinumerik_pcu_base_win7_software\/ipc::::::::

History

21 Nov 2024, 04:49

Type	Values Removed	Values Added
References	~~() https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf - Third Party Advisory~~	() https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf - Third Party Advisory
References	~~() https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-016-ultravnc-stack-based-buffer-overflow/ - Third Party Advisory~~	() https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-016-ultravnc-stack-based-buffer-overflow/ - Third Party Advisory
References	~~() https://www.us-cert.gov/ics/advisories/icsa-20-161-06 - Third Party Advisory, US Government Resource~~	() https://www.us-cert.gov/ics/advisories/icsa-20-161-06 - Third Party Advisory, US Government Resource

Information

Published : 2019-03-08 23:29

Updated : 2024-11-21 04:49

NVD link : CVE-2019-8269

Mitre link : CVE-2019-8269

CVE.ORG link : CVE-2019-8269

JSON object : View

Products Affected

siemens

sinumerik_pcu_base_win10_software\/ipc
sinumerik_access_mymachine\/p2p
sinumerik_pcu_base_win7_software\/ipc

uvnc

ultravnc

CWE

CWE-121

Stack-based Buffer Overflow

CWE-787

Out-of-bounds Write

{"id": "CVE-2019-8269", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2019-03-08T23:29:00.657", "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf", "tags": ["Third Party Advisory"], "source": "vulnerability@kaspersky.com"}, {"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-016-ultravnc-stack-based-buffer-overflow/", "tags": ["Third Party Advisory"], "source": "vulnerability@kaspersky.com"}, {"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06", "tags": ["Third Party Advisory", "US Government Resource"], "source": "vulnerability@kaspersky.com"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-016-ultravnc-stack-based-buffer-overflow/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "vulnerability@kaspersky.com", "description": [{"lang": "en", "value": "CWE-121"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1207."}, {"lang": "es", "value": "UltraVNC, en su revisi\u00f3n 1206, tiene un desbordamiento de b\u00fafer basado en pila en el c\u00f3digo del cliente VNC dentro del m\u00f3dulo \"FileTransfer\", lo cual conduce a una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Este ataque parece ser explotable mediante la conectividad de red. Esta vulnerabilidad se ha solucionado en la revisi\u00f3n 1207."}], "lastModified": "2024-11-21T04:49:37.033", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:uvnc:ultravnc:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "555D034F-3D64-4ED1-9B63-F8D59199E99C", "versionEndExcluding": "1.2.2.3"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:siemens:sinumerik_access_mymachine\\/p2p:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9345335-DF62-4472-93CD-E2C85453F91E", "versionEndExcluding": "4.8"}, {"criteria": "cpe:2.3:a:siemens:sinumerik_pcu_base_win10_software\\/ipc:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7498412D-79FD-43FE-AD9B-5820FB5CF7D8", "versionEndExcluding": "14.00"}, {"criteria": "cpe:2.3:a:siemens:sinumerik_pcu_base_win7_software\\/ipc:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F603341-03C5-46CA-8A74-EC5A50135194", "versionEndIncluding": "12.01"}], "operator": "OR"}]}], "sourceIdentifier": "vulnerability@kaspersky.com"}

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2019-8269

7.5^/10

5.0^/10

Attach tags to `CVE-2019-8269`