CVE-2019-11851: Buffer Overflow
First published: Mon Dec 26 2022(Updated: )
The ACENet service in Sierra Wireless ALEOS before 4.4.9, 4.5.x through 4.9.x before 4.9.5, and 4.10.x through 4.13.x before 4.14.0 allows remote attackers to execute arbitrary code via a buffer overflow.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sierra Wireless ALEOS | >=4.10.0<4.14.0 | |
| Sierra Wireless AirLink LX40 | ||
| Sierra Wireless AirLink LX60 | ||
| Sierra Wireless AirLink MP70 | ||
| Sierra Wireless MP70e | ||
| Sierra Wireless RV50 Firmware | ||
| Sierra Wireless AirLink RV50X | ||
| Sierra Wireless ALEOS | >=4.9.0<4.9.5 | |
| Sierra Wireless AirLink ES450 | ||
| Sierra Wireless AirLink GX450 | ||
| Sierra Wireless ALEOS | <4.4.9 | |
| Sierra Wireless ES440 | ||
| Sierra Wireless Gx400 | ||
| Sierra Wireless GX440 | ||
| Sierra Wireless LS300 | ||
| All of | ||
| Sierra Wireless ALEOS | >=4.10.0<4.14.0 | |
| Any of | ||
| Sierra Wireless AirLink LX40 | ||
| Sierra Wireless AirLink LX60 | ||
| Sierra Wireless AirLink MP70 | ||
| Sierra Wireless MP70e | ||
| Sierra Wireless RV50 Firmware | ||
| Sierra Wireless AirLink RV50X | ||
| All of | ||
| Sierra Wireless ALEOS | >=4.5.0<4.9.5 | |
| Any of | ||
| Sierra Wireless AirLink ES450 | ||
| Sierra Wireless AirLink GX450 | ||
| All of | ||
| Sierra Wireless ALEOS | <4.4.9 | |
| Any of | ||
| Sierra Wireless ES440 | ||
| Sierra Wireless Gx400 | ||
| Sierra Wireless GX440 | ||
| Sierra Wireless LS300 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2019-11851.
What is the severity of CVE-2019-11851?
The severity of CVE-2019-11851 is critical with a severity value of 9.8.
What is the affected software for CVE-2019-11851?
The affected software for CVE-2019-11851 is Sierra Wireless ALEOS versions before 4.4.9, 4.5.x through 4.9.x before 4.9.5, and 4.10.x through 4.13.x before 4.14.0.
How can remote attackers exploit CVE-2019-11851?
Remote attackers can exploit CVE-2019-11851 through a buffer overflow to execute arbitrary code.
Where can I find more information about CVE-2019-11851?
You can find more information about CVE-2019-11851 in the Sierra Wireless security bulletin and on the Sierra Wireless company security page.
- agent/references
- agent/type
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/sierrawireless
- canonical/sierra wireless aleos
- version/sierra wireless aleos/4.10.0
- canonical/sierra wireless airlink lx40
- canonical/sierra wireless airlink lx60
- canonical/sierra wireless airlink mp70
- canonical/sierra wireless mp70e
- canonical/sierra wireless rv50 firmware
- canonical/sierra wireless airlink rv50x
- version/sierra wireless aleos/4.9.0
- canonical/sierra wireless airlink es450
- canonical/sierra wireless airlink gx450
- canonical/sierra wireless es440
- canonical/sierra wireless gx400
- canonical/sierra wireless gx440
- canonical/sierra wireless ls300
- version/sierra wireless aleos/4.5.0