A German cybersecurity agency, CERT-Bund, which is responsible for organising the country's response to any computer emergencies, has recently discovered what it describes as a critical flaw in the popular VLC Media Player.
VLC is known to be a highly compatible media player, and thus boasts an impressive
total downloads of over 3 billion, making this vulnerability all the more dangerous. CERT-Bund classified the vulnerability, officially logged as
CVE-2019-13615, to be a "High" (Level 4) exploit, which is the second-highest risk assessment level by the agency.
The exploit is rather nasty and allows attackers to not only execute code remotely but also allows for unauthorised disclosure of information, unauthorised modification of files and disruption of service.