Vulnerability Details CVE-2019-6530
Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user causing heap-based buffer overflows, which may lead to remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.5%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- http://www.securityfocus.com/bid/108683
- https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02
- https://www.zerodayinitiative.com/advisories/ZDI-19-565/
- https://www.zerodayinitiative.com/advisories/ZDI-19-567/
- http://www.securityfocus.com/bid/108683
- https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02
- https://www.zerodayinitiative.com/advisories/ZDI-19-565/
- https://www.zerodayinitiative.com/advisories/ZDI-19-567/
Products affected by CVE-2019-6530
-
cpe:2.3:a:panasonic:control_fpwin_pro:6.414
-
cpe:2.3:a:panasonic:control_fpwin_pro:7.3.0.0