CVE-2019-13193

HIGH | CVSS 8.8/10 | EPSS 3.09%

Last modified

CVE-2019-13193 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. Some Brother printers (such as the HL-L8360CDW v1.20) were affected by a stack buffer overflow vulnerability as the web server did not parse the cookie value properly. This would allow an attacker to execute arbitrary code on the device. EPSS estimates a 3.09% chance of exploitation in the next 30 days.

Description

Some Brother printers (such as the HL-L8360CDW v1.20) were affected by a stack buffer overflow vulnerability as the web server did not parse the cookie value properly. This would allow an attacker to execute arbitrary code on the device.

Metrics

CVSS 3.1
8.8/10

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
3.09%

86.1th percentile

Probability of exploitation in the next 30 days.

Weakness Enumeration

Affected Software

| Vendor | Product | Versions |
|---|---|---|
| Brother | Ads-2400n Firmware | All versions |
| Brother | Ads-2800w Firmware | All versions |
| Brother | Ads-3000n Firmware | All versions |
| Brother | Ads-3600w Firmware | All versions |
| Brother | Dcp-1610w Firmware | All versions |
| Brother | Dcp-1610we Firmware | All versions |
| Brother | Dcp-1610wr Firmware | All versions |
| Brother | Dcp-1610wvb Firmware | All versions |
| Brother | Dcp-1612w Firmware | All versions |
| Brother | Dcp-1612we Firmware | All versions |
| Brother | Dcp-1612wr Firmware | All versions |
| Brother | Dcp-1612wvb Firmware | All versions |
| Brother | Dcp-1615nw Firmware | All versions |
| Brother | Dcp-1616nw Firmware | All versions |
| Brother | Dcp-1617nw Firmware | All versions |
| Brother | Dcp-1618w Firmware | All versions |
| Brother | Dcp-1622we Firmware | All versions |
| Brother | Dcp-1623we Firmware | All versions |
| Brother | Dcp-1623wr Firmware | All versions |
| Brother | Dcp-7180dn Firmware | All versions |
| Brother | Dcp-7195dw Firmware | All versions |
| Brother | Dcp-9030cdn Firmware | All versions |
| Brother | Dcp-B7520dw Firmware | All versions |
| Brother | Dcp-B7530dn Firmware | All versions |
| Brother | Dcp-B7535dw Firmware | All versions |
| Brother | Dcp-J1100dw Firmware | All versions |
| Brother | Dcp-J572dw Firmware | All versions |
| Brother | Dcp-J572n Firmware | All versions |
| Brother | Dcp-J577n Firmware | All versions |
| Brother | Dcp-J582n Firmware | All versions |
| Brother | Dcp-J772dw Firmware | All versions |
| Brother | Dcp-J774dw Firmware | All versions |
| Brother | Dcp-J972n Firmware | All versions |
| Brother | Dcp-J973n-B Firmware | All versions |
| Brother | Dcp-J973n-W Firmware | All versions |
| Brother | Dcp-J978n-B Firmware | All versions |
| Brother | Dcp-J978n-W Firmware | All versions |
| Brother | Dcp-J981n Firmware | All versions |
| Brother | Dcp-J982n-B Firmware | All versions |
| Brother | Dcp-J982n-W Firmware | All versions |
| Brother | Dcp-J988n(Jpn) Firmware | All versions |
| Brother | Dcp-L2520dw Firmware | All versions |
| Brother | Dcp-L2520dwr Firmware | All versions |
| Brother | Dcp-L2530dw Firmware | All versions |
| Brother | Dcp-L2531dw Firmware | All versions |
| Brother | Dcp-L2532dw Firmware | All versions |
| Brother | Dcp-L2535dw Firmware | All versions |
| Brother | Dcp-L2537dw Firmware | All versions |
| Brother | Dcp-L2540dn Firmware | All versions |
| Brother | Dcp-L2540dnr Firmware | All versions |

Showing 50 of 300 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2019-13193?
Some Brother printers (such as the HL-L8360CDW v1.20) were affected by a stack buffer overflow vulnerability as the web server did not parse the cookie value properly. This would allow an attacker to execute arbitrary code on the device.
How severe is CVE-2019-13193?
CVE-2019-13193 has a CVSS score of 8.8/10 (HIGH severity). The EPSS model estimates a 3.09% probability of exploitation in the next 30 days.
How do I fix CVE-2019-13193?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Source: NVD / NIST