Lucene search

MitreCVELIST:CVE-2019-11859

HistoryAug 21, 2020 - 6:51 p.m.

CVE-2019-11859 ALEOS SMS Handler Buffer Overflow

2020-08-2118:51:24

mitre

www.cve.org

buffer overflow

aleos

sms handler

code execution

root access

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L

AI Score

9.1

Confidence

High

EPSS

0.001

Percentile

43.7%

JSON

A buffer overflow exists in the SMS handler API of ALEOS before 4.13.0, 4.9.5, 4.9.4 that may allow code execution as root.

References

source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2020-004/

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L

AI Score

9.1

Confidence

High

EPSS

0.001

Percentile

43.7%

JSON

Related for CVELIST:CVE-2019-11859