Rewterz Threat Alert – Winnti Malware 4.0 Exploits Vulnerabilities in Linux and Windows
September 6, 2019Rewterz Threat Advisory – CVE-2019-10915 – Siemens SINETPLAN Improper Authorization Vulnerability
September 11, 2019Rewterz Threat Alert – Winnti Malware 4.0 Exploits Vulnerabilities in Linux and Windows
September 6, 2019Rewterz Threat Advisory – CVE-2019-10915 – Siemens SINETPLAN Improper Authorization Vulnerability
September 11, 2019Severity
Medium
Analysis Summary
CVE-2019-13540
Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code.
CVE-2019-13536
Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code.
CVE-2019-13544
Multiple out-of-bounds write vulnerabilities may be exploited by processing specially crafted project files, which may allow remote code execution.
Impact
- Remote code execution
- Application crash
Affected Vendors
Delta Electronics
Affected Products
TPEditor Versions 1.94 and prior
Remediation
Delta Electronics recommends affected users update to the latest version Version 1.95.