← Back

CVE-2019-6532

nvd nist
Published: Jun 7, 2019Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution.

Affected (1)

Panasonic
1 product
Control Fpwin Pro
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Control Fpwin Pro
Up to 7.3.0.0

Related CWEs

CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

References (10)

Source: ics-cert@hq.dhs.gov
Third Party AdvisoryVDB Entry
Source: ics-cert@hq.dhs.gov
Mailing ListPatchThird Party AdvisoryUS Government Resource
Source: ics-cert@hq.dhs.gov
Third Party AdvisoryVDB Entry
Source: ics-cert@hq.dhs.gov
Third Party AdvisoryVDB Entry
Source: ics-cert@hq.dhs.gov
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatchThird Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.