1. Home
  2. Mapping Frameworks
  3. CVE Home
  4. Red Lion Controls Crimson (Windows configuration software)

CVE CVE-2019-10990 Mappings

Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a hard-coded password to encrypt protected files in transit and at rest, which may allow an attacker to access configuration files.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2019-10990 Red Lion Controls Crimson (Windows configuration software) primary_impact T1078.001 Default Accounts
CVE-2019-10990 Red Lion Controls Crimson (Windows configuration software) secondary_impact T1066