CVE-2019-19470

Published: Dec 30, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

Unsafe usage of .NET deserialization in Named Pipe message processing allows privilege escalation to NT AUTHORITY\SYSTEM for a local attacker. Affected product is TinyWall, all versions up to and including 2.1.12. Fixed in version 2.1.13.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.wilderssecurity.com/threads/beta-testing-tinywall.309739/page-62#post-2882843

x_refsource_MISC

https://gist.github.com/pylorak/7df52c9325614676e07782dbe4e81582

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-19470

Description

Affected Products

References