Vulnerabilities > CVE-2019-6532 - Type Confusion vulnerability in Panasonic Control Fpwin PRO 6.414/7.3.0.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Common Weakness Enumeration (CWE)
References
- http://www.securityfocus.com/bid/108683
- https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02
- https://www.zerodayinitiative.com/advisories/ZDI-19-566/
- https://www.zerodayinitiative.com/advisories/ZDI-19-568/
- https://www.zerodayinitiative.com/advisories/ZDI-19-570/
- http://www.securityfocus.com/bid/108683
- https://www.zerodayinitiative.com/advisories/ZDI-19-570/
- https://www.zerodayinitiative.com/advisories/ZDI-19-568/
- https://www.zerodayinitiative.com/advisories/ZDI-19-566/
- https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02