Arbitrary Code Execution Vulnerability in Unity Editor by Unity Technologies
CVE-2019-9197

8.8HIGH

Key Information:

Vendor

Unity3d

Status
Unity Editor
Vendor
CVE Published:
31 December 2019

What is CVE-2019-9197?

The Unity Editor version 2018.3 contains a vulnerability in the com.unity3d.kharma protocol handler, which allows remote attackers to execute arbitrary code on the affected systems. This security issue exposes users to potential unauthorized access and manipulation of their environment, making it essential for developers and organizations to ensure their installations are up to date and secure against such threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.zerodayinitiative.com/advisories/ZDI-19-252/
x_refsource_MISC
https://unity3d.com/security#CVE-2019-9197
x_refsource_CONFIRM

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.