Remote Code Execution Vulnerability in Panasonic FPWIN Pro Software
CVE-2019-6532

7.8HIGH

Key Information:

Vendor

Panasonic

Status
Fpwin Pro
Vendor
CVE Published:
7 June 2019

What is CVE-2019-6532?

Panasonic FPWIN Pro software version 7.3.0.0 and earlier contains a vulnerability that allows an authenticated user to load malicious project files created by an attacker. This vulnerability stems from improper handling of resource properties, resulting in incompatible type errors. If exploited, this may lead to remote code execution, enabling unauthorized actions on the affected system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

FPWIN Pro Version 7.3.0.0 and prior

References

https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02
x_refsource_MISC
http://www.securityfocus.com/bid/108683
vdb-entryx_refsource_BID
https://www.zerodayinitiative.com/advisories/ZDI-19-568/
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.