CVE-2019-7256

unknown KEV

Published 2024-03-25 · Modified 2024-03-25

CVSS v3

—

CVSS v2

—

VIR risk

1.5

Description

Nice Linear eMerge E3-Series contains an OS command injection vulnerability that allows an attacker to conduct remote code execution.

CISA KEV

Vendor: Nice
Product: Linear eMerge E3-Series
Due date: 2024-04-15

Predictions

Exploit likelihood

99%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cisa-kev — https://linear-solutions.com/wp-content/uploads/E3-Bulletin-06-27-2023.pdf, https://www.cisa.gov/news-events/ics-advisories/icsa-24-065-01; https://nvd.nist.gov/vuln/detail/CVE-2019-7256

Exploits

References

https://linear-solutions.com/wp-content/uploads/E3-Bulletin-06-27-2023.pdf, https://www.cisa.gov/news-events/ics-advisories/icsa-24-065-01; https://nvd.nist.gov/vuln/detail/CVE-2019-7256

Verify integrity in audit chain (admin only). AS-IS.