CVE-2019-11031

Published: 2019-08-22T15:15Z

Last Modified: 2024-11-21T04:20Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the auto-update feature of IDVRUpdateService2 in DVRServer.exe. An attacker can upload files with a Setup-Files action, and then execute these files with SYSTEM privileges. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt