CVE-2022-32524

Name of the Vulnerable Software and Affected Versions IGSS Data Server versions prior to V15.0.0.22170

Description The issue is related to a buffer copy without checking the size of input data, which could cause a stack-based buffer overflow. This might lead to remote code execution when an attacker sends specially crafted time reduced data messages.

Recommendations For versions prior to V15.0.0.22170, update to a version V15.0.0.22170 or later to resolve the issue. As a temporary workaround, consider restricting access to the IGSS Data Server to minimize the risk of exploitation. Avoid using the IGSSdataServer.exe with untrusted input until the issue is resolved.