Bad News for VLC Media Player Users
High-Risk Assessment
The CERT Confederation has classified the vulnerability as critical and awarded the risk assessment “High” (Level 4). This is the second-highest warning level for security holes in the CERT. Unlike in June, however, no cases have yet become known in which the vulnerability has been actively exploited According to the warning, the vulnerability allows remote attackers to unnoticed code execution on the PC their victims. The vulnerability has already been described in CVE-2019-13615: “A remote, anonymous attacker can exploit a vulnerability in VLC to execute arbitrary code, create a denial of service state, disclose information, or manipulate files,” the report said warning message. So far there is no update from VLC, and it is also not known when a security update will come out. Therefore, one should consider whether one does not dodge to another player at the moment.
