UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSiemens Sinumerik Access Mymachine\/p2p
APPSiemens< 4.8Siemens Sinumerik Pcu Base Win10 Software\/ipc
APPSiemens< 14.00Siemens Sinumerik Pcu Base Win7 Software\/ipc
APPSiemens≤ 12.01Uvnc Ultravnc
APPUvnc< 1.2.2.3
Related vulnerabilities
UltraVNC repeater through 1.8.2.2 initializes the HTTP administration server with a hardcoded default password...
UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usag...
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can p...
UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETP...
UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of Clie...