PT-2020-3993 · Fuji Electric · V-Server Lite
Kimiya · Published 2020-04-09 · Updated 2020-04-13 · CVE-2020-10646
CVSS v3.1: 7.8 High
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
Fuji Electric V-Server Lite versions prior to 4.0.9.0
Description:
The issue is a heap-based buffer overflow that occurs when parsing VPR files, because the buffer allocated to read the data is too small. Exploitation may allow an attacker to execute arbitrary code on the target system when a specially crafted VPR file is opened.
Recommendations:
For versions prior to 4.0.9.0, update to version 4.0.9.0 or later to resolve the issue. As a temporary workaround, consider restricting access to VPR files or avoiding the use of VPR file parsing functionality until a patch is applied.
Fix · Heap Based Buffer Overflow · Memory Corruption
Related Identifiers
Affected Products
V-Server Lite