Memory Corruption Vulnerability in Red Lion Controls Crimson

Memory Corruption Vulnerability in Red Lion Controls Crimson

CVE-2019-10996 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious input file that can reference memory after it has been freed.

Learn more about our User Device Pen Test.