Insufficient Verification in CyMiInstaller322 ActiveX Allows Unauthorized DLL Downloads

Insufficient Verification in CyMiInstaller322 ActiveX Allows Unauthorized DLL Downloads

CVE-2019-19161 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CyMiInstaller322 ActiveX which runs MIPLATFORM downloads files required to run applications. A vulnerability in downloading files by CyMiInstaller322 ActiveX caused by an attacker to download randomly generated DLL files and MIPLATFORM to load those DLLs due to insufficient verification.

Learn more about our Web Application Penetration Testing UK.