PT-2023-6870 · Tellus+1 · Tellus+1

Michael Heinzl · Published 2023-11-10 · Updated 2023-11-21 · CVE-2023-47582

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

TELLUS versions 4.0.17.0 and earlier
TELLUS Lite versions 4.0.17.0 and earlier

Description

The issue is related to the access of an uninitialized pointer, which can lead to information disclosure and/or arbitrary code execution. This can occur when a user opens a specially crafted file, such as X1, V8, or V9 files. The vulnerability can be exploited by a remote attacker using such a file, potentially allowing them to execute arbitrary code.

Recommendations

For TELLUS versions 4.0.17.0 and earlier, avoid opening specially crafted files until a patch is available. For TELLUS Lite versions 4.0.17.0 and earlier, avoid opening specially crafted files until a patch is available. As a temporary workaround, consider restricting access to files that could potentially exploit the vulnerability, such as X1, V8, or V9 files, until a patch is available.

Fix

Access of Uninitialized Pointer

Weakness Enumeration

Related Identifiers

BDU:2023-07884
CVE-2023-47582

Affected Products

Tellus
Tellus Lite