CVE-2019-25620

Summary

Tree Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the keyboard interface. Attackers can trigger the vulnerability by entering arbitrary characters during application runtime, causing the application to become unresponsive or terminate abnormally.

Affected Software

VendorProductVersion RangeStatus
PixarraTree Studio2.17affected

Weaknesses

  • CWE-168: Improper Handling of Inconsistent Special Elements

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References