CVE-2019-11849Out-of-bounds Write in Aleos

CWE-787Out-of-bounds Write2 documents2 sources
Severity
6.7MEDIUMNVD
EPSS
0.0%
top 99.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Sierrawireless Aleos
Timeline
PublishedAug 21
Latest updateMay 24

Description

A stack overflow vulnerabiltity exists in the AT command APIs of ALEOS before 4.11.0. The vulnerability may allow code execution.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages1 packages

NVDsierrawireless/aleos< 4.11.0

🔴Vulnerability Details

1
GHSA
GHSA-pj6q-rg44-52vw: A stack overflow vulnerabiltity exists in the AT command APIs of ALEOS before 42022-05-24
CVE-2019-11849 — Out-of-bounds Write in Aleos | cvebase