4 matches found
CVE-2019-19470
Unsafe usage of .NET deserialization in Named Pipe message processing allows privilege escalation to NT AUTHORITY\SYSTEM for a local attacker. Affected product is TinyWall, all versions up to and including 2.1.12. Fixed in version 2.1.13...
CVE-2019-19470
creationtimestamp| type| source ---|---|--- 2024-03-18 14:46:14+00:00| seen| https://t.me/ctinow/210576...
CVE-2019-19470
Unsafe usage of .NET deserialization in Named Pipe message processing allows privilege escalation to NT AUTHORITY\SYSTEM for a local attacker. Affected product is TinyWall, all versions up to and including 2.1.12. Fixed in version 2.1.13...
CVE-2019-19470
CVE-2019-19470 describes unsafe ".NET deserialization" in TinyWall’s Named Pipe message processing, enabling local privilege escalation to NT AUTHORITY\SYSTEM. Affected: TinyWall up to version 2.1.12; fixed in 2.1.13. Root cause: unsafe deserialization during Named Pipe handling, leading to eleva...