CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-5024

A restricted environment escape vulnerability exists in the “kiosk mode” function of Capsule Technologies SmartLinx Neuron 2 medical information collection devices running versions 9.0.3 or lower. A specific series of keyboard inputs can escape the restricted environment, resulting in full administrator access to the underlying operating system. An attacker can connect to the device via USB port with a keyboard or other HID device to trigger this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 15.0%

CVSS Severity

CVSS v3 Score 7.6

CVSS v2 Score 7.2

References

Products affected by CVE-2019-5024

Capsuletech » Smartlinx Neuron 2 » Version: N/A

cpe:2.3:h:capsuletech:smartlinx_neuron_2:-
Capsuletech » Smartlinx Neuron 2 Firmware » Version: N/A

cpe:2.3:o:capsuletech:smartlinx_neuron_2_firmware:-
Capsuletech » Smartlinx Neuron 2 Firmware » Version: 6.9.1

cpe:2.3:o:capsuletech:smartlinx_neuron_2_firmware:6.9.1
Capsuletech » Smartlinx Neuron 2 Firmware » Version: 9.0.3

cpe:2.3:o:capsuletech:smartlinx_neuron_2_firmware:9.0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-5024

Products

Pricing

Contact Us