CVE-2019-11852 โ€” Out-of-bounds Read in Aleos

CWE-125 โ€” Out-of-bounds Read2 documents2 sources
Severity
9.1CRITICALNVD
EPSS
0.0%
top 94.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Sierrawireless Aleos
Timeline
PublishedAug 21
Latest updateMay 24

Description

An out-of-bounds reads vulnerability exists in the ACEView Service of ALEOS before 4.13.0, 4.9.5, and 4.4.9. Sensitive information may be disclosed via the ACEviewservice, accessible by default on the LAN.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HExploitability: 3.9 | Impact: 5.2

Affected Packages1 packages

โ–ถNVDsierrawireless/aleos< 4.13.0+2

๐Ÿ”ดVulnerability Details

1
GHSA
GHSA-7wcm-72q9-468c: An out-of-bounds reads vulnerability exists in the ACEView Service of ALEOS before 4โ†—2022-05-24
โ–ถ
CVE-2019-11852 โ€” Out-of-bounds Read in Aleos | cvebase