Alpha5 Smart Loader Firmware
CVE-2019-13520
HIGH
Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Multiple buffer overflow issues have been identified in Alpha5 Smart Loader: All versions prior to 4.2. An attacker could use specially crafted project files to overflow the buffer and execute code under the privileges of the application.
AnalysisAI
Multiple buffer overflow issues have been identified in Alpha5 Smart Loader: All versions prior to 4.2. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-121. Multiple buffer overflow issues have been identified in Alpha5 Smart Loader: All versions prior to 4.2. An attacker could use specially crafted project files to overflow the buffer and execute code under the privileges of the application. Affected products include: Fujielectric Alpha5 Smart Loader Firmware. Version information: prior to 4.2..
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Alpha5 Smart Loader Firmware
View allFuji Electric Alpha5 Smart Loader Versions 3.7 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remo
The affected product is vulnerable to an out-of-bounds read, which may result in code execution. Rated high severity (CV
The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary co
The affected product is vulnerable to a heap-based buffer overflow, which may lead to code execution. Rated high severit
The affected product is vulnerable to an out-of-bounds read, which may result in disclosure of sensitive information. Ra
The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure. R
Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. Rated medium severity (CVSS 5.3), this vulnerability is remote
Same weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today