CVE-2019-11851
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD
Description
The ACENet service in Sierra Wireless ALEOS before 4.4.9, 4.5.x through 4.9.x before 4.9.5, and 4.10.x through 4.13.x before 4.14.0 allows remote attackers to execute arbitrary code via a buffer overflow.
Affected (3)
Products: Sierrawireless: Aleos
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| From 4.10.0 to 4.14.0 |
| Running on/with | Platform Versions |
|---|---|
Sierrawireless Lx40 | All versions |
Sierrawireless Lx60 | All versions |
Sierrawireless Mp70 | All versions |
Sierrawireless Mp70e | All versions |
Sierrawireless Rv50 | All versions |
Sierrawireless Rv50x | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| From 4.5.0 to 4.9.5 |
| Running on/with | Platform Versions |
|---|---|
Sierrawireless Es450 | All versions |
Sierrawireless Gx450 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.4.9 |
| Running on/with | Platform Versions |
|---|---|
Sierrawireless Es440 | All versions |
Sierrawireless Gx400 | All versions |
Sierrawireless Gx440 | All versions |
Sierrawireless Ls300 | All versions |
References (4)
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.