CVE-2019-19161

CyMiInstaller322 ActiveX which runs MIPLATFORM downloads files required to run applications. A vulnerability in downloading files by CyMiInstaller322 ActiveX caused by an attacker to download randomly generated DLL files and MIPLATFORM to load those DLLs due to insufficient verification.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
krcertCNA
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
Affected Products (NVD)
VendorProductVersion
cymiinstaller322_activex_projectcymiinstaller322_activex
𝑥
≤ 2016.5.26.1
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
tobesoftmiplatform
𝑥
≤ 2016.5.26.1
CNA
Common Weakness Enumeration
References
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35479
https://www.tobesoft.com/Index.do
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35479
https://www.tobesoft.com/Index.do