Unsafe usage of .NET deserialization in Named Pipe message processing allows privilege escalation to NT AUTHORITY\SYSTEM for a local attacker. Affected product is TinyWall, all versions up to and including 2.1.12. Fixed in version 2.1.13.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-12-30T17:39:59
Updated: 2024-08-05T02:16:47.378Z
Reserved: 2019-12-01T00:00:00
Link: CVE-2019-19470
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-12-30T18:15:16.167
Modified: 2024-11-21T04:34:48.160
Link: CVE-2019-19470
Redhat
No data.