FKIE_CVE-2019-8264

Vulnerability from fkie_nvd - Published: 2019-03-08 23:29 - Updated: 2024-11-21 04:49
Severity ?
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204.
References
vulnerability@kaspersky.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf
vulnerability@kaspersky.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf
vulnerability@kaspersky.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf
vulnerability@kaspersky.comhttps://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-011-ultravnc-access-of-memory-location-after-end-of-buffer/Third Party Advisory
vulnerability@kaspersky.comhttps://us-cert.cisa.gov/ics/advisories/icsa-21-131-11
vulnerability@kaspersky.comhttps://www.us-cert.gov/ics/advisories/icsa-20-161-06
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-011-ultravnc-access-of-memory-location-after-end-of-buffer/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11
af854a3a-2127-422b-91ae-364da2661108https://www.us-cert.gov/ics/advisories/icsa-20-161-06
Impacted products
Vendor Product Version
uvnc ultravnc *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:uvnc:ultravnc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "555D034F-3D64-4ED1-9B63-F8D59199E99C",
              "versionEndExcluding": "1.2.2.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204."
    },
    {
      "lang": "es",
      "value": "UltraVNC, en su revisi\u00f3n 1203, tiene una vulnerabilidad de acceso fuera de l\u00edmites en el cliente VNC dentro del decodificador Ultra2, lo que podr\u00eda, potencialmente, resultar en una ejecuci\u00f3n de c\u00f3digo. Este ataque parece ser explotable mediante la conectividad de red. Esta vulnerabilidad se ha solucionado en la revisi\u00f3n 1204."
    }
  ],
  "id": "CVE-2019-8264",
  "lastModified": "2024-11-21T04:49:36.340",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-03-08T23:29:00.467",
  "references": [
    {
      "source": "vulnerability@kaspersky.com",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "vulnerability@kaspersky.com",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
    },
    {
      "source": "vulnerability@kaspersky.com",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
    },
    {
      "source": "vulnerability@kaspersky.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-011-ultravnc-access-of-memory-location-after-end-of-buffer/"
    },
    {
      "source": "vulnerability@kaspersky.com",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
    },
    {
      "source": "vulnerability@kaspersky.com",
      "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-011-ultravnc-access-of-memory-location-after-end-of-buffer/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
    }
  ],
  "sourceIdentifier": "vulnerability@kaspersky.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-788"
        }
      ],
      "source": "vulnerability@kaspersky.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        },
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.