CVE-2022-21219

Name of the Vulnerable Software and Affected Versions CX-Programmer versions 9.76.1 and earlier

Description The issue is related to an out-of-bounds read vulnerability and a use-after-free vulnerability. This allows an attacker to cause information disclosure and/or arbitrary code execution by having a user open a specially crafted CXP file. The vulnerability can be exploited to reveal protected information or execute arbitrary code.

Recommendations For CX-Programmer versions 9.76.1 and earlier, update to a version later than 9.76.1 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.