CVE-2019-16256 - SIMalliance Toolbox Browser Command Injection Vulnerability
Project:SIMalliance
Product:Toolbox Browser
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
SIMalliance Toolbox Browser Command Injection Vulnerability
Description
SIMalliance Toolbox Browser contains an command injection vulnerability that could allow remote attackers to retrieve location and IMEI information or execute a range of other attacks by modifying the attack message.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-16256