Denial of Service Vulnerability in EasyLobby Solo by Honeywell
CVE-2018-17490

7.7HIGH

Key Information:

Vendor: Hid Global
Status: Easylobby Solo
Vendor: CVE Published:; 21 March 2019

What is CVE-2018-17490?

The EasyLobby Solo software, developed by Honeywell, contains a vulnerability that enables local attackers to disrupt operations by accessing the kiosk's task manager. This exploitation can lead to critical service interruptions as the attacker can terminate ongoing processes at will and initiate new ones, thereby impairing the functionality of the system.

Affected Version(s)

EasyLobby Solo 11.0.4563

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/149650

vdb-entryx_refsource_XF

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 21, 2019
Vulnerability Reserved
Sep 25, 2018

JSON

Hid Global

What is CVE-2018-17490?

Affected Version(s)

References

CVSS V3.1

Timeline