Vulnerability Description
Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Panasonic | Control Fpwin Pro | <= 7.3.0.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/108683Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02Mailing ListPatchThird Party Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-19-566/Third Party AdvisoryVDB Entry
- https://www.zerodayinitiative.com/advisories/ZDI-19-568/Third Party AdvisoryVDB Entry
- https://www.zerodayinitiative.com/advisories/ZDI-19-570/Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/108683Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02Mailing ListPatchThird Party Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-19-566/Third Party AdvisoryVDB Entry
- https://www.zerodayinitiative.com/advisories/ZDI-19-568/Third Party AdvisoryVDB Entry
- https://www.zerodayinitiative.com/advisories/ZDI-19-570/Third Party AdvisoryVDB Entry
FAQ
What is CVE-2019-6532?
CVE-2019-6532 is a vulnerability with a CVSS score of 7.8 (HIGH). Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expecte...
How severe is CVE-2019-6532?
CVE-2019-6532 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-6532?
Check the references section above for vendor advisories and patch information. Affected products include: Panasonic Control Fpwin Pro.