CVE-2017-9636

Name of the Vulnerable Software and Affected Versions Mitsubishi E-Designer version 7.52 Build 344

Description The issue is related to a heap-based buffer overflow in the processing of a driver configuration file, which can be exploited to achieve arbitrary code execution, compromise data integrity, cause a denial of service, or result in a system crash. This can be triggered by a remote attacker using a specially crafted file or web page.

Recommendations For Mitsubishi E-Designer version 7.52 Build 344, consider disabling the processing of driver configuration files until a patch is available to prevent potential exploitation. Restrict access to the configuration file handling module to minimize the risk of remote code execution. Avoid using specially crafted files or web pages that could trigger the buffer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.