{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2019-25624", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-23T13:46:26.421Z", "datePublished": "2026-03-23T13:48:39.597Z", "dateUpdated": "2026-03-24T15:14:04.055Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-23T13:48:39.597Z"}, "datePublic": "2019-01-11T00:00:00.000Z", "title": "Liquid Studio 2.17 Denial of Service via Malformed Input", "descriptions": [{"lang": "en", "value": "Liquid Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the keyboard interface. Attackers can trigger the vulnerability by entering arbitrary characters during application runtime, causing the application to become unresponsive or terminate abnormally."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Unchecked Input for Loop Condition", "cweId": "CWE-606", "type": "CWE"}]}], "affected": [{"vendor": "Pixarra", "product": "Liquid Studio", "versions": [{"version": "2.17", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 6.9, "baseSeverity": "MEDIUM", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/46128", "name": "ExploitDB-46128", "tags": ["exploit"]}, {"url": "http://www.pixarra.com/", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "http://www.pixarra.com/uploads/9/4/6/3/94635436/tbliquidstudio_install.exe", "name": "Product Reference", "tags": ["product"]}, {"name": "VulnCheck Advisory: Liquid Studio 2.17 Denial of Service via Malformed Input", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/liquid-studio-denial-of-service-via-malformed-input"}], "credits": [{"lang": "en", "value": "Ihsan Sencan", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-24T14:01:08.489303Z", "id": "CVE-2019-25624", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T15:14:04.055Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-25624", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-24T14:01:08.489303Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T14:01:09.704Z"}}], "cna": {"title": "Liquid Studio 2.17 Denial of Service via Malformed Input", "credits": [{"lang": "en", "type": "finder", "value": "Ihsan Sencan"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Pixarra", "product": "Liquid Studio", "versions": [{"status": "affected", "version": "2.17"}]}], "datePublic": "2019-01-11T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/46128", "name": "ExploitDB-46128", "tags": ["exploit"]}, {"url": "http://www.pixarra.com/", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "http://www.pixarra.com/uploads/9/4/6/3/94635436/tbliquidstudio_install.exe", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/liquid-studio-denial-of-service-via-malformed-input", "name": "VulnCheck Advisory: Liquid Studio 2.17 Denial of Service via Malformed Input", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "Liquid Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the keyboard interface. Attackers can trigger the vulnerability by entering arbitrary characters during application runtime, causing the application to become unresponsive or terminate abnormally."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-606", "description": "Unchecked Input for Loop Condition"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-23T13:48:39.597Z"}}}, "cveMetadata": {"cveId": "CVE-2019-25624", "state": "PUBLISHED", "dateUpdated": "2026-03-24T15:14:04.055Z", "dateReserved": "2026-03-23T13:46:26.421Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-03-23T13:48:39.597Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pixarra:liquid_studio:2.17:*:*:*:*:*:*:*", "matchCriteriaId": "773BCD5D-04A5-43BB-AC8E-19CB93ED6F74", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Liquid Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the keyboard interface. Attackers can trigger the vulnerability by entering arbitrary characters during application runtime, causing the application to become unresponsive or terminate abnormally."}], "id": "CVE-2019-25624", "lastModified": "2026-03-24T14:18:37.330", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "disclosure@vulncheck.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-03-23T14:16:26.850", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "http://www.pixarra.com/"}, {"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "http://www.pixarra.com/uploads/9/4/6/3/94635436/tbliquidstudio_install.exe"}, {"source": "disclosure@vulncheck.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/46128"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/liquid-studio-denial-of-service-via-malformed-input"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-606"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.17"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Liquid Studio", "source": "cna", "vendor": "Pixarra"}, "product": "liquid_studio", "vendor": "pixarra"}], "analysis": {"en": {"generated_at": "2026-03-24T15:25:11.641224+00:00", "value": {"mitigation_remediation": ["Verify whether a newer, patched version of Liquid Studio is available from Pixarra and upgrade accordingly. If no patch exists, consider limiting the application\u2019s use to trusted users or running it in a controlled environment."], "summary": {"action": "Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The vulnerability is specific to Pixarra\u2019s Liquid Studio version 2.17. The description and CPE string confirm that only this version is affected, with no other version information supplied. It is therefore important to identify installations of this exact release.", "description_and_impact": "Liquid Studio 2.17 contains a flaw that allows a local user to crash the application by entering malformed characters via the keyboard. The input is not properly validated, leading to an unexpected termination or freeze of the process. The weakness is a classic input validation issue (CWE\u2011606), presenting a moderate severity denial\u2011of\u2011service scenario. When exploited, the affected system will experience loss of availability for the application, potentially disrupting workflows that rely on it.", "risk_and_exploitability": "The CVSS score of 6.9 indicates a moderate impact. The EPSS score of less than 1% suggests that current exploitation is unlikely, and the issue is not listed in the KEV catalog. The attack vector is local, requiring that an attacker have access to the machine and be able to interact with the application\u2019s keyboard interface. Without privileged or remote access, the likelihood of widespread exploitation remains low, though the availability impact is still significant for affected users."}}}}, "created": "2026-03-24T10:33:54.739060+00:00", "updated": "2026-03-25T21:28:11.408287+00:00", "vendors": ["pixarra", "pixarra$PRODUCT$liquid_studio"]}