VDB
CVE-2019-1912
CVE-2019-1912
PUBLISHED
CVSS 9.100000381469727 CRITICAL
De multiples vulnérabilités ont été découvertes dans Cisco 220 Series Smart Switches. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un contournement de la politique de sécurité.
EPSS 12.21% · 94.0th percentile
Risk Scores
CVSS 3.0
9.100000381469727
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
EPSS Score
12.21%
94.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | sg220-26_firmware | 0 |
| cisco | sf220-48_firmware | 0 |
| cisco | sg220-50p_firmware | 0 |
| Cisco | Cisco Small Business 220 Series Smart Plus Switches | unspecified |
| cisco | sg220-28_firmware | 0 |
| cisco | sg220-26p_firmware | 0 |
| cisco | sf-220-24_firmware | 0 |
| cisco | sg220-52_firmware | 0 |
| Cisco | N/A | |
| cisco | sg220-50_firmware | 0 |
| cisco | sf220-24p_firmware | 0 |
| cisco | sf220-48p_firmware | 0 |
| cisco | sg220-28mp_firmware | 0 |
Exploit Intelligence
- 20190806 Cisco Small Business 220 Series Smart Switches Authentication Bypass Vulnerability (circl)
- http://packetstormsecurity.com/files/154667/Realtek-Managed-Switch-Controller-RTL83xx-Stack-Overflow.html (circl)
- Cisco Small Business 220 Series - Multiple Vulnerabilities (variot)
- Cisco Small Business 220 Series - Multiple Vulnerabilities (variot)
- Cisco Small Business 220 Series - Multiple Vulnerabilities - Hardware remote Exploit (variot)
- Cisco Small Business 220 Series - Multiple Vulnerabilities - Hardware remote Exploit (variot)
- Cisco Small Business 220 Series - Multiple Vulnerabilities (variot)
- Cisco Small Business 220 Series - Multiple Vulnerabilities - Hardware remote Exploit (variot)
- Cisco Small Business 220 Series - Multiple Vulnerabilities (0day-today)
- Cisco Small Business 220 Series - Multiple Vulnerabilities (0day-today)
Timeline
- Oct 21, 2017 PoC Published
- Aug 6, 2019 CVE Published
- Sep 30, 2019 PoC Published
- Oct 1, 2019 PoC Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
References
- 20190806 Cisco Small Business 220 Series Smart Switches Authentication Bypass Vulnerability vendor-advisory
- http://packetstormsecurity.com/files/154667/Realtek-Managed-Switch-Controller-RTL83xx-Stack-Overflow.html url
- https://nvd.nist.gov/vuln/detail/CVE-2019-1912 advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190806-sb220-rce advisory