Unsafe usage of .NET deserialization in Named Pipe message processing allows privilege escalation to NT AUTHORITY\SYSTEM for a local attacker. Affected product is TinyWall, all versions up to and including 2.1.12. Fixed in version 2.1.13.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-12-30T17:39:59

Updated: 2024-08-05T02:16:47.378Z

Reserved: 2019-12-01T00:00:00

Link: CVE-2019-19470

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-12-30T18:15:16.167

Modified: 2024-11-21T04:34:48.160

Link: CVE-2019-19470

cve-icon Redhat

No data.