Main Vulnerability Database SB2019013104

SB2019013104 - Security restrictions bypass in BD FACSLyric

Published: January 31, 2019

Security Bulletin ID SB2019013104

Severity

Low

Patch available

Number of vulnerabilities 1

Exploitation vector Physical access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper access control (CVE-ID: CVE-2019-6517)

The vulnerability allows a physical attacker to bypass security restrictions.

The vulnerability exists due to the application does not properly enforce user access control to privileged accounts. A physical attacker can gain unauthorized access to administrative level functions.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://ics-cert.us-cert.gov/advisories/ICSMA-19-029-02