CVE-2019-19470
N/A
N/A
Summary
Unsafe usage of .NET deserialization in Named Pipe message processing allows privilege escalation to NT AUTHORITY\SYSTEM for a local attacker. Affected product is TinyWall, all versions up to and including 2.1.12. Fixed in version 2.1.13.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.wilderssecurity.com/threads/beta-testing-tinywall.309739/page-62#post-2882843
- https://gist.github.com/pylorak/7df52c9325614676e07782dbe4e81582
References
- https://www.wilderssecurity.com/threads/beta-testing-tinywall.309739/page-62#post-2882843
- https://gist.github.com/pylorak/7df52c9325614676e07782dbe4e81582
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.