Количество 2
Количество 2
CVE-2019-19470
Unsafe usage of .NET deserialization in Named Pipe message processing allows privilege escalation to NT AUTHORITY\SYSTEM for a local attacker. Affected product is TinyWall, all versions up to and including 2.1.12. Fixed in version 2.1.13.
GHSA-fx9h-h562-86qx
An attacker who has already compromised the local system could use TinyWall Controller to gain additional privileges by attaching a debugger to the running process and modifying the code in memory. Vulnerability fixed in version 2.1.13.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-19470 Unsafe usage of .NET deserialization in Named Pipe message processing allows privilege escalation to NT AUTHORITY\SYSTEM for a local attacker. Affected product is TinyWall, all versions up to and including 2.1.12. Fixed in version 2.1.13. | CVSS3: 7.8 | 1% Низкий | около 6 лет назад |
| GHSA-fx9h-h562-86qx An attacker who has already compromised the local system could use TinyWall Controller to gain additional privileges by attaching a debugger to the running process and modifying the code in memory. Vulnerability fixed in version 2.1.13. | CVSS3: 7.8 | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу