{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T15:51:14.688","vulnerabilities":[{"cve":{"id":"CVE-2019-8258","sourceIdentifier":"vulnerability@kaspersky.com","published":"2019-03-05T15:29:00.320","lastModified":"2024-11-21T04:49:35.510","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199."},{"lang":"es","value":"UltraVNC, en su revisión 1198, tiene una vulnerabilidad de desbordamiento de búfer de memoria dinámica (heap) en el código del cliente VNC, lo que resulta en la ejecución de código. Este ataque parece ser explotable mediante la conectividad de red. Esto se ha solucionado en la revisión 1199."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"vulnerability@kaspersky.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:uvnc:ultravnc:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.2.3","matchCriteriaId":"555D034F-3D64-4ED1-9B63-F8D59199E99C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:sinumerik_access_mymachine\\/p2p:*:*:*:*:*:*:*:*","versionEndExcluding":"4.8","matchCriteriaId":"D9345335-DF62-4472-93CD-E2C85453F91E"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:sinumerik_pcu_base_win10_software\\/ipc:*:*:*:*:*:*:*:*","versionEndExcluding":"14.00","matchCriteriaId":"7498412D-79FD-43FE-AD9B-5820FB5CF7D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:sinumerik_pcu_base_win7_software\\/ipc:*:*:*:*:*:*:*:*","versionEndIncluding":"12.01","matchCriteriaId":"1F603341-03C5-46CA-8A74-EC5A50135194"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf","source":"vulnerability@kaspersky.com","tags":["Third Party Advisory"]},{"url":"https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-004-ultravnc-heap-based-buffer-overflow/","source":"vulnerability@kaspersky.com","tags":["Third Party Advisory"]},{"url":"https://www.us-cert.gov/ics/advisories/icsa-20-161-06","source":"vulnerability@kaspersky.com","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-004-ultravnc-heap-based-buffer-overflow/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.us-cert.gov/ics/advisories/icsa-20-161-06","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}