← back
CVE-2019-25655

Device Monitoring Studio 8.10.00.8925 Denial of Service

CVSS 6.9 MEDIUMEPSS 0.2%CWE-1316
Device Monitoring Studio 8.10.00.8925 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the server connection dialog. Attackers can trigger the crash by entering a malformed server name or address containing repeated characters through the Tools menu Connect to New Server interface.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected products
hdd · Device Monitoring Studio
public PoCs found1
cve_referencewww.exploit-db.com/exploits/46321unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.exploit-db.com/exploits/46321https://www.vulncheck.com/advisories/device-monitoring-studio-denial-of-service