CVE-2019-10924

Name of the Vulnerable Software and Affected Versions LOGO! Soft Comfort versions prior to V8.3

Description A vulnerability has been identified that could allow an attacker to execute arbitrary code if a legitimate user opens a manipulated project file. No further privileges are required on the target system. The issue is related to errors in access control. Exploitation could compromise the confidentiality, integrity, and availability of the engineering station. At the time of advisory publication, no public exploitation of this security issue was known.

Recommendations For versions prior to V8.3, update to version V8.3 or later to resolve the issue. As a temporary workaround, consider restricting the opening of project files from untrusted sources to minimize the risk of exploitation.