CVE-2019-8268
Published: 2019-03-08
Priority P359 · critical · 9.8 · CVSS 3.1
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 3.92% (89.0th percentile)
UltraVNC revision 1206 has multiple off-by-one vulnerabilities in the VNC client code, connected with improper usage of the ClientConnection::ReadString function, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1207.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kaspersky_lab | ultravnc | — | — |
| siemens | sinumerik_access_mymachine_p2p | < 4.8 | 4.8 |
| siemens | sinumerik_pcu_base_win10_software_ipc | < 14.00 | 14.00 |
| siemens | sinumerik_pcu_base_win7_software_ipc | <= 12.01 | — |
| uvnc | ultravnc | < 1.2.2.3 | 1.2.2.3 |
CVSS provenance
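| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |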
GHSA
GHSA-h835-4p8w-83c9: UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString functi
ghsa_unreviewed·2022-05-13
CVE-2019-8268 [CRITICAL] CWE-193 GHSA-h835-4p8w-83c9
CISA ICS
Siemens SINUMERIK
cisa_ics·2020-06-12·CVSS 9.8
[CRITICAL] Siemens SINUMERIK
ICS Advisory
## Siemens SINUMERIK
Last Revised: June 12, 2020
Alert Code: ICSA-20-161-06
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: Siemens
- Equipment: SINUMERIK
- Vulnerabilities: Buffer Underflow, Heap-based Buffer Overflow, Improper Initialization, Out-of-bounds Read, Stack-based Buffer Overflow, Access of Memory Location After End of Buffer, Off-by-one Error, Improper Null Termination, Improper Initialization
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow remote code execution, informati
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
- https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf
- https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-015-ultravnc-off-by-one-error/
- https://www.us-cert.gov/ics/advisories/icsa-20-161-06
Published: 2019-03-08