CVE-2020-7554

Name of the Vulnerable Software and Affected Versions IGSS Definition (Def.exe) version 14.0.0.20247

Description A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer issue exists that could cause Remote Code Execution when a malicious CGF (Configuration Group File) file is imported to IGSS Definition.

Recommendations For version 14.0.0.20247, consider avoiding the import of CGF files from untrusted sources until a patch is available. As a temporary workaround, restrict the use of the CGF file import feature in IGSS Definition to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.