Arbitrary Code Execution Vulnerability in NREL EnergyPlus

Arbitrary Code Execution Vulnerability in NREL EnergyPlus

CVE-2019-10974 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

NREL EnergyPlus, Versions 8.6.0 and possibly prior versions, The application fails to prevent an exception handler from being overwritten with arbitrary code.

Learn more about our Web Application Penetration Testing UK.