CRITICAL🇵🇱 Wersja polska

CVE-2019-8272

CVSS 9.8v3.1pub. 2019-03-08upd. 2024-11-21

UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Siemens Sinumerik Access Mymachine\/p2p

    APP
    Siemens
    < 4.8
  • Siemens Sinumerik Pcu Base Win10 Software\/ipc

    APP
    Siemens
    < 14.00
  • Siemens Sinumerik Pcu Base Win7 Software\/ipc

    APP
    Siemens
    ≤ 12.01
  • Uvnc Ultravnc

    APP
    Uvnc
    < 1.2.2.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2026-7839CRITICAL9.1ten sam produkt

UltraVNC repeater through 1.8.2.2 initializes the HTTP administration server with a hardcoded default password...

CVE-2019-8268CRITICAL9.8ten sam produkt

UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usag...

CVE-2019-8264CRITICAL9.8ten sam produkt

UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can p...

CVE-2019-8265CRITICAL9.8ten sam produkt

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETP...

CVE-2019-8266CRITICAL9.8ten sam produkt

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of Clie...