Vulnerability Description
Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple out-of-bounds read vulnerabilities may be exploited, allowing information disclosure due to a lack of user input validation for processing specially crafted project files.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Deltaww | Cncsoft Screeneditor | <= 1.00.88 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/107989Third Party Advisory
- https://ics-cert.us-cert.gov/advisories/ICSA-19-106-01PatchThird Party AdvisoryUS Government Resource
- https://www.zerodayinitiative.com/advisories/ZDI-19-406/Third Party Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-19-407/Third Party Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-19-409/Third Party Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-19-411/Third Party Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-19-412/Third Party Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-19-413/Third Party Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-19-414/Third Party Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-19-415/Third Party Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-19-416/Third Party Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-19-418/Third Party Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-19-419/Third Party Advisory
- http://www.securityfocus.com/bid/107989Third Party Advisory
- https://ics-cert.us-cert.gov/advisories/ICSA-19-106-01PatchThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2019-10949?
CVE-2019-10949 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple out-of-bounds read vulnerabilities may be exploited, allowing information disclosure due to a lack of user...
How severe is CVE-2019-10949?
CVE-2019-10949 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-10949?
Check the references section above for vendor advisories and patch information. Affected products include: Deltaww Cncsoft Screeneditor.