Details of VAR-202206-0540

ID

VAR-202206-0540

CVE

CVE-2019-25063

TITLE

Sricam IP CCTV Camera Out-of-bounds Write Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2022-61891

DESCRIPTION

A vulnerability was found in Sricam IP CCTV Camera. It has been classified as critical. Affected is an unknown function of the component Device Viewer. The manipulation leads to memory corruption. Local access is required to approach this attack

Trust: 1.53

sources: NVD: CVE-2019-25063 // CNVD: CNVD-2022-61891 // VULMON: CVE-2019-25063

IOT TAXONOMY

category:	['IoT']	sub_category:	-	Trust: 0.6
category:	['camera device']	sub_category:	IP camera	Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2022-61891

AFFECTED PRODUCTS

vendor:	sricam	model:	deviceviewer	scope:	eq	version:	3.12.0.1	Trust: 1.0
vendor:	sricam	model:	device viewer	scope:	eq	version:	3.12.0.1	Trust: 0.6

sources: CNVD: CNVD-2022-61891 // NVD: CVE-2019-25063

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-25063
value:	HIGH
Trust: 1.0
cna@vuldb.com:	CVE-2019-25063
value:	MEDIUM
Trust: 1.0
CNVD:	CNVD-2022-61891
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202206-774
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2019-25063
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
CNVD:	CNVD-2022-61891
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2019-25063
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
cna@vuldb.com:	CVE-2019-25063
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	1.8
impactScore:	3.4
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2022-61891 // CNNVD: CNNVD-202206-774 // NVD: CVE-2019-25063 // NVD: CVE-2019-25063

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.0
problemtype:	CWE-787	Trust: 1.0

sources: NVD: CVE-2019-25063

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202206-774

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202206-774

EXTERNAL IDS

db:	NVD	id:	CVE-2019-25063	Trust: 2.4
db:	VULDB	id:	159432	Trust: 1.7
db:	CNVD	id:	CNVD-2022-61891	Trust: 0.6
db:	CNNVD	id:	CNNVD-202206-774	Trust: 0.6
db:	OTHER	id:	NONE	Trust: 0.1
db:	VULMON	id:	CVE-2019-25063	Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2022-61891 // VULMON: CVE-2019-25063 // CNNVD: CNNVD-202206-774 // NVD: CVE-2019-25063

REFERENCES

url:	https://vuldb.com/?id.159432	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-25063	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2019-25063/	Trust: 0.6
url:	https://ieeexplore.ieee.org/abstract/document/10769424	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2022-61891 // VULMON: CVE-2019-25063 // CNNVD: CNNVD-202206-774 // NVD: CVE-2019-25063

SOURCES

db:	OTHER	id:	-
db:	CNVD	id:	CNVD-2022-61891
db:	VULMON	id:	CVE-2019-25063
db:	CNNVD	id:	CNNVD-202206-774
db:	NVD	id:	CVE-2019-25063

LAST UPDATE DATE

2025-01-30T21:21:00.221000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2022-61891	date:	2022-09-06T00:00:00
db:	VULMON	id:	CVE-2019-25063	date:	2022-06-08T00:00:00
db:	CNNVD	id:	CNNVD-202206-774	date:	2022-06-30T00:00:00
db:	NVD	id:	CVE-2019-25063	date:	2022-06-21T20:18:22.187

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2022-61891	date:	2022-09-06T00:00:00
db:	VULMON	id:	CVE-2019-25063	date:	2022-06-08T00:00:00
db:	CNNVD	id:	CNNVD-202206-774	date:	2022-06-08T00:00:00
db:	NVD	id:	CVE-2019-25063	date:	2022-06-08T09:15:08.193