ALEOS ACEView Service Out-Of-Bounds Read
CVE-2019-11852

3.7LOW

Key Information:

Vendor: Sierrawireless
Status: Aleos
Vendor: CVE Published:; 21 August 2020

🔔 Create Sierrawireless Vulnerability Alert

What is CVE-2019-11852?

An out-of-bounds reads vulnerability exists in the ACEView Service of ALEOS before 4.13.0, 4.9.5, and 4.4.9. Sensitive information may be disclosed via the ACEviewservice, accessible by default on the LAN.

References

https://source.sierrawireless.com/resources/security-bull...

x_refsource_MISC

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 21, 2020
Vulnerability Reserved
May 9, 2019