CVE-2019-6532

Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution.
References
Link Resource
http://www.securityfocus.com/bid/108683 Third Party Advisory VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02 Mailing List Patch Third Party Advisory US Government Resource
https://www.zerodayinitiative.com/advisories/ZDI-19-566/ Third Party Advisory VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-19-568/ Third Party Advisory VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-19-570/ Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/108683 Third Party Advisory VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02 Mailing List Patch Third Party Advisory US Government Resource
https://www.zerodayinitiative.com/advisories/ZDI-19-566/ Third Party Advisory VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-19-568/ Third Party Advisory VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-19-570/ Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:panasonic:control_fpwin_pro:*:*:*:*:*:*:*:*

History

21 Nov 2024, 04:46

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/108683 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/108683 - Third Party Advisory, VDB Entry
References () https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02 - Mailing List, Patch, Third Party Advisory, US Government Resource () https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02 - Mailing List, Patch, Third Party Advisory, US Government Resource
References () https://www.zerodayinitiative.com/advisories/ZDI-19-566/ - Third Party Advisory, VDB Entry () https://www.zerodayinitiative.com/advisories/ZDI-19-566/ - Third Party Advisory, VDB Entry
References () https://www.zerodayinitiative.com/advisories/ZDI-19-568/ - Third Party Advisory, VDB Entry () https://www.zerodayinitiative.com/advisories/ZDI-19-568/ - Third Party Advisory, VDB Entry
References () https://www.zerodayinitiative.com/advisories/ZDI-19-570/ - Third Party Advisory, VDB Entry () https://www.zerodayinitiative.com/advisories/ZDI-19-570/ - Third Party Advisory, VDB Entry

Information

Published : 2019-06-07 14:29

Updated : 2024-11-21 04:46


NVD link : CVE-2019-6532

Mitre link : CVE-2019-6532

CVE.ORG link : CVE-2019-6532


JSON object : View

Products Affected

panasonic

  • control_fpwin_pro
CWE
CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')