The affected product is vulnerable to an out-of-bounds write while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution.
CPE | Name | Operator | Version |
---|---|---|---|
fvdesigner | le | 1.5.100 |
www.cisa.gov/uscert/ics/advisories/icsa-22-055-01
www.zerodayinitiative.com/advisories/ZDI-22-432/
www.zerodayinitiative.com/advisories/ZDI-22-433/
www.zerodayinitiative.com/advisories/ZDI-22-434/
www.zerodayinitiative.com/advisories/ZDI-22-437/
www.zerodayinitiative.com/advisories/ZDI-22-438/
www.zerodayinitiative.com/advisories/ZDI-22-440/