CVE-2022-23985
Severity CVSS v4.0:
Pending analysis
Type:
CWE-787
Out-of-bounds Write
Publication date:
25/02/2022
Last modified:
10/05/2022
Description
The affected product is vulnerable to an out-of-bounds write while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Base Score 2.0
6.80
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:fatek:fvdesigner:*:*:*:*:*:*:*:* | 1.5.100 (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-055-01
- https://www.zerodayinitiative.com/advisories/ZDI-22-432/
- https://www.zerodayinitiative.com/advisories/ZDI-22-433/
- https://www.zerodayinitiative.com/advisories/ZDI-22-434/
- https://www.zerodayinitiative.com/advisories/ZDI-22-437/
- https://www.zerodayinitiative.com/advisories/ZDI-22-438/
- https://www.zerodayinitiative.com/advisories/ZDI-22-440/