CVE-2019-12480 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 95%

Vendor	Product	Version
bacnet_protocol_stack_project	bacnet_protocol_stack	𝑥 ≤ 0.8.6

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-125 - Out-of-bounds Read
The software reads data past the end, or before the beginning, of the intended buffer.

References

http://packetstormsecurity.com/files/153716/BACnet-Stack-0.8.6-Denial-Of-Service.html

https://1modm.github.io/CVE-2019-12480.html

https://sourceforge.net/p/bacnet/bugs/62/

https://sourceforge.net/p/bacnet/code/3220

https://sourceforge.net/p/bacnet/code/3223

https://sourceforge.net/p/bacnet/code/3224

https://sourceforge.net/p/bacnet/code/3225

http://packetstormsecurity.com/files/153716/BACnet-Stack-0.8.6-Denial-Of-Service.html

https://1modm.github.io/CVE-2019-12480.html

https://sourceforge.net/p/bacnet/bugs/62/

https://sourceforge.net/p/bacnet/code/3220

https://sourceforge.net/p/bacnet/code/3223

https://sourceforge.net/p/bacnet/code/3224

https://sourceforge.net/p/bacnet/code/3225