CVE-2019-10984
7.8 HIGHRed Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited...
Published: 2019-09-23 · Last updated: 2026-06-02
Severity and scoring
- CVSS
- 7.8 HIGH
- Vector
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- CWE
- CWE-465
Affected products
| Vendor | Product |
|---|---|
| redlion | crimson |
Description
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious input file that causes the program to mishandle pointers.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2020-27283 — An attacker could send a specially crafted message to Crimson 3.1 (Build versions prior to 3119.001) that could leak arbitrary memory loc... (5.3 MEDIUM)
- CVE-2020-27279 — A NULL pointer deference vulnerability has been identified in the protocol converter (7.5 HIGH)
- CVE-2020-27285 — The default configuration of Crimson 3.1 (Build versions prior to 3119.001) allows a user to be able to read and modify the database with... (9.1 CRITICAL)
- CVE-2019-10996 — Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited... (7.8 HIGH)
- CVE-2019-10990 — Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a hard-coded password to encrypt protecte... (6.5 MEDIUM)