CVE-2019-25624 - Vulnerability Analysis

Overview

Liquid Studio 2.17 contains a denial of service vulnerability caused by malformed input through the keyboard interface, letting local attackers crash the application by entering arbitrary characters during runtime.

Severity & Score

Impact

Local attackers can crash the application, causing it to become unresponsive or terminate abnormally.

Mitigation

Update to the latest version of Liquid Studio.

References

• http://www.pixarra.com/
• http://www.pixarra.com/uploads/9/4/6/3/94635436/tbliquidstudio_install.exe
• https://www.exploit-db.com/exploits/46128
• https://www.vulncheck.com/advisories/liquid-studio-denial-of-service-via-malformed-input

Related Resources

• Vulnerability Intelligence Dashboard
• Credential Scanner