Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/108683 | Third Party Advisory VDB Entry |
https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02 | Mailing List Patch Third Party Advisory US Government Resource |
https://www.zerodayinitiative.com/advisories/ZDI-19-566/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-19-568/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-19-570/ | Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/108683 | Third Party Advisory VDB Entry |
https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02 | Mailing List Patch Third Party Advisory US Government Resource |
https://www.zerodayinitiative.com/advisories/ZDI-19-566/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-19-568/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-19-570/ | Third Party Advisory VDB Entry |
Configurations
History
21 Nov 2024, 04:46
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/108683 - Third Party Advisory, VDB Entry | |
References | () https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02 - Mailing List, Patch, Third Party Advisory, US Government Resource | |
References | () https://www.zerodayinitiative.com/advisories/ZDI-19-566/ - Third Party Advisory, VDB Entry | |
References | () https://www.zerodayinitiative.com/advisories/ZDI-19-568/ - Third Party Advisory, VDB Entry | |
References | () https://www.zerodayinitiative.com/advisories/ZDI-19-570/ - Third Party Advisory, VDB Entry |
Information
Published : 2019-06-07 14:29
Updated : 2024-11-21 04:46
NVD link : CVE-2019-6532
Mitre link : CVE-2019-6532
CVE.ORG link : CVE-2019-6532
JSON object : View
Products Affected
panasonic
- control_fpwin_pro
CWE
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')