PT-2020-6284 · Unknown · Igss Definition

Published: 2020-11-10 · Updated: 2022-01-01 · CVE-2020-7551

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: IGSS Definition (Def.exe) version 14.0.0.20247
Description: A vulnerability exists in IGSS Definition that could cause Remote Code Execution when a malicious CGF (Configuration Group File) file is imported. This issue is related to an out-of-bounds write in memory, which may allow an attacker to execute arbitrary code. The vulnerability is associated with the improper restriction of operations within the bounds of a memory buffer.
Recommendations: For IGSS Definition version 14.0.0.20247, consider disabling the import of CGF files until a patch is available to prevent potential Remote Code Execution. Restrict access to the Def.exe file to minimize the risk of exploitation. Avoid using malicious CGF files in the affected IGSS Definition version. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Weakness Enumeration

Related Identifiers

BDU:2021-03890
CVE-2020-7551
ZDI-21-126

Affected Products

Igss Definition