CVE-2019-8267

EPSS 1.9%CWE-125

UltraVNC revision 1207 has out-of-bounds read vulnerability in VNC client code inside TextChat module, which results in a denial of service (DoS) condition. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1208.

Affected products

Kaspersky Lab · UltraVNC

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-014-ultravnc-out-of-bounds-read/https://www.us-cert.gov/ics/advisories/icsa-20-161-06