Main Vulnerability Database Vulnerabilities #VU24141

#VU24141 Input validation error in Asus products - CVE-2019-15912

Published: January 8, 2020

Vulnerability identifier: #VU24141

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber

CVE-ID: CVE-2019-15912

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
ASUS HG100
ASUS MW100
ASUS WS-101
ASUS TS-101
ASUS AS-101
ASUS MS-101
ASUS DL-101

Software vendor:
Asus

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists in the affected devices using ZigBee PRO due to insufficient validation of user-supplied input. A remote attacker can use the ZigBee trust center rejoin procedure to perform multiple denial of service attacks.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

#VU24141 Input validation error in Asus products - CVE-2019-15912

Description

Remediation

External links

Please verify you're human