CVE-2023-38748

Name of the Vulnerable Software and Affected Versions CX-Programmer versions prior to V9.80

Description The issue is related to a use after free vulnerability, which can be exploited by having a user open a specially crafted CXP file. This may lead to information disclosure and/or arbitrary code execution.

Recommendations For versions prior to V9.80, update to a version that contains a fix for this issue. As a temporary workaround, consider avoiding the use of specially crafted CXP files to minimize the risk of exploitation. Restrict access to the CX-Programmer to minimize the risk of exploitation until a patch is available.