CVE-2023-22349
Severity CVSS v4.0:
Pending analysis
Type:
CWE-125
Out-of-bounds Read
Publication date:
13/02/2023
Last modified:
21/03/2025
Description
Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing screen management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:jtekt:screen_creator_advance_2:*:*:*:*:*:*:*:* | 0.1.1.4 (including) | |
| cpe:2.3:a:jtekt:screen_creator_advance_2:0.1.1.4:build01:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://jvn.jp/en/vu/JVNVU98917488/
- https://www.electronics.jtekt.co.jp/en/topics/202302035233/
- https://www.electronics.jtekt.co.jp/jp/topics/2023020313454/
- https://jvn.jp/en/vu/JVNVU98917488/
- https://www.electronics.jtekt.co.jp/en/topics/202302035233/
- https://www.electronics.jtekt.co.jp/jp/topics/2023020313454/