CVE-2019-6532

EPSS 3.8%CWE-843

Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution.

Produtos afetados

Panasonic · FPWIN Pro

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02 https://www.zerodayinitiative.com/advisories/ZDI-19-566/https://www.zerodayinitiative.com/advisories/ZDI-19-568/https://www.zerodayinitiative.com/advisories/ZDI-19-570/http://www.securityfocus.com/bid/108683