CVE-2019-3980
CVE-2019-3980 is a critical-severity vulnerability in Solarwinds Dameware Mini Remote Control with a CVSS 3.x base score of 9.8. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-346.
Key facts
- Severity: Critical (CVSS 3.x base score 9.8)
- CVSS v2: 10.0
- EPSS exploit prediction: 5% (91st percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-346
- Affected product: Solarwinds Dameware Mini Remote Control
- Published:
- Last modified:
Description
The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an arbitrary executable run under the Local System account.
Frequently asked questions
- What is CVE-2019-3980?
- The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an arbitrary executable run under the Local System account.
- How severe is CVE-2019-3980?
- CVE-2019-3980 has a CVSS 3.x base score of 9.8, rated critical severity. It is exploitable over network with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is high, integrity high, and availability high.
- Is CVE-2019-3980 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 5% (91st percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2019-3980?
- CVE-2019-3980 affects Solarwinds Dameware Mini Remote Control. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2019-3980?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its critical severity, prioritise patching exposed systems.
- When was CVE-2019-3980 published?
- CVE-2019-3980 was published on 2019-10-08 and last updated on 2026-06-17.
References
- https://www.tenable.com/security/research/tra-2019-43
- https://www.tenable.com/security/research/tra-227-43
Affected products (1)
- cpe:2.3:a:solarwinds:dameware_mini_remote_control:12.1.0.89:*:*:*:*:*:*:*
More vulnerabilities in Solarwinds Dameware Mini Remote Control
- CVE-2021-31217 — Critical (CVSS 9.1): In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM.
- CVE-2018-12897 — High (CVSS 7.8): SolarWinds DameWare Mini Remote Control before 12.1 has a Buffer Overflow.
- CVE-2019-9017 — High (CVSS 7.5): DWRCC in SolarWinds DameWare Mini Remote Control 10.0 x64 has a Buffer Overflow associated with the size field for the…
- CVE-2015-8220 — High (CVSS 7.5): Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control before 12.0…
- CVE-2019-3957 — High (CVSS 7.4): Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the…
- CVE-2004-1852 — Medium (CVSS 5.0): DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext,…
All CVEs affecting Solarwinds Dameware Mini Remote Control →
Other CWE-346 vulnerabilities
- CVE-2026-42901 — Critical (CVSS 10.0): Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network.
- CVE-2026-6508 — Critical (CVSS 9.8): Origin Validation Error vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows…
- CVE-2026-2790 — Critical (CVSS 9.8): Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR…
- CVE-2022-50925 — Critical (CVSS 9.8): Prowise Reflect version 1.0.9 contains a remote keystroke injection vulnerability that allows attackers to send…
- CVE-2025-30466 — Critical (CVSS 9.8): This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS…
- CVE-2024-8487 — Critical (CVSS 9.8): A Cross-Origin Resource Sharing (CORS) vulnerability exists in modelscope/agentscope version v0.0.4. The CORS…