CRITICAL🇵🇱 Wersja polska

CVE-2019-8275

CVSS 9.8v3.1pub. 2019-03-08upd. 2024-11-21

UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Siemens Sinumerik Access Mymachine\/p2p

    APP
    Siemens
    < 4.8
  • Siemens Sinumerik Pcu Base Win10 Software\/ipc

    APP
    Siemens
    < 14.00
  • Siemens Sinumerik Pcu Base Win7 Software\/ipc

    APP
    Siemens
    ≤ 12.01
  • Uvnc Ultravnc

    APP
    Uvnc
    < 1.2.2.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-7839CRITICAL9.1ten sam produkt

UltraVNC repeater through 1.8.2.2 initializes the HTTP administration server with a hardcoded default password...

CVE-2019-8268CRITICAL9.8ten sam produkt

UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usag...

CVE-2019-8264CRITICAL9.8ten sam produkt

UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can p...

CVE-2019-8265CRITICAL9.8ten sam produkt

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETP...

CVE-2019-8266CRITICAL9.8ten sam produkt

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of Clie...