Vulnerability Details : CVE-2019-6517
BD FACSLyric Research Use Only, Windows 10 Professional Operating System, U.S. and Malaysian Releases, between November 2017 and November 2018 and BD FACSLyric IVD Windows 10 Professional Operating System US release does not properly enforce user access control to privileged accounts, which may allow for unauthorized access to administrative level functions.
Vulnerability category: BypassGain privilege
Products affected by CVE-2019-6517
- cpe:2.3:o:bd:facslyric:-:*:*:*:*:*:*:*
- cpe:2.3:o:bd:facslyric_ivd:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-6517
0.08%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 31 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-6517
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST | |
6.8
|
MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
0.9
|
5.9
|
NIST |
CWE ids for CVE-2019-6517
-
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.Assigned by: ics-cert@hq.dhs.gov (Secondary)
References for CVE-2019-6517
-
http://www.securityfocus.com/bid/106766
BD FACSLyric CVE-2019-6517 Access Control Security Bypass VulnerabilityThird Party Advisory;VDB Entry
-
https://ics-cert.us-cert.gov/advisories/ICSMA-19-029-02
BD FACSLyric (Update A) | CISAThird Party Advisory;US Government Resource
Jump to