Vulnerabilities > CVE-2019-3729 - Out-of-bounds Write vulnerability in Dell Bsafe Micro-Edition-Suite

CVSS 2.7 - LOW

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

low complexity

dell

CWE-787

NVD

Published: 2019-09-30

Updated: 2022-04-12

Summary

RSA BSAFE Micro Edition Suite versions prior to 4.4 (in 4.0.x, 4.1.x, 4.2.x and 4.3.x) are vulnerable to a Heap-based Buffer Overflow vulnerability when parsing ECDSA signature. A malicious user with adjacent network access could potentially exploit this vulnerability to cause a crash in the library of the affected system.

Vulnerable Configurations

Part	Description	Count
Application	Dell Dell Bsafe Micro Edition Suite 4.0.0 Dell Bsafe Micro Edition Suite 4.0.1 Dell Bsafe Micro Edition Suite 4.0.2 Dell Bsafe Micro Edition Suite 4.0.3 Dell Bsafe Micro Edition Suite 4.0.4 Dell Bsafe Micro Edition Suite 4.0.5 Dell Bsafe Micro Edition Suite 4.0.5.3 Dell Bsafe Micro Edition Suite 4.0.6 Dell Bsafe Micro Edition Suite 4.0.7 Dell Bsafe Micro Edition Suite 4.0.8 Dell Bsafe Micro Edition Suite 4.0.9 Dell Bsafe Micro Edition Suite 4.0.10 Dell Bsafe Micro Edition Suite 4.0.11 Dell Bsafe Micro Edition Suite 4.0.12 Dell Bsafe Micro Edition Suite 4.1.0 Dell Bsafe Micro Edition Suite 4.1.0.1 Dell Bsafe Micro Edition Suite 4.1.1 Dell Bsafe Micro Edition Suite 4.1.2 Dell Bsafe Micro Edition Suite 4.1.3 Dell Bsafe Micro Edition Suite 4.1.4 Dell Bsafe Micro Edition Suite 4.1.5 Dell Bsafe Micro Edition Suite 4.1.6 Dell Bsafe Micro Edition Suite 4.1.6.1 Dell Bsafe Micro Edition Suite 4.1.6.2 Dell Bsafe Micro Edition Suite 4.1.6.3 Dell Bsafe Micro Edition Suite 4.2.0 Dell Bsafe Micro Edition Suite 4.3 Dell Bsafe Micro Edition Suite 4.3.1 Dell Bsafe Micro Edition Suite 4.3.2 Dell Bsafe Micro Edition Suite 4.3.3	30

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.dell.com/support/kbdoc/000194054