PT-2020-14801 · Delta Industrial Automation · Cncsoft Screeneditor

Kimiya

Published

2020-08-04

Updated

2020-08-06

CVE-2020-16201

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Delta Industrial Automation CNCSoft ScreenEditor versions 1.01.23 and prior

Description The issue allows an attacker to read information by exploiting multiple out-of-bounds read vulnerabilities. This can be achieved by processing specially crafted project files.

Recommendations For versions 1.01.23 and prior, as a temporary workaround, consider restricting the processing of project files from untrusted sources until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2020-16201

ZDI-20-941

ZDI-20-942

ZDI-20-944

ZDI-20-945

ZDI-20-946

ZDI-20-947

Affected Products

Cncsoft Screeneditor

PT-2020-14801 · Delta Industrial Automation · Cncsoft Screeneditor

CVE-2020-16201

Weakness Enumeration

Related Identifiers

Affected Products

References · 9