CVE-2022-3379

Name of the Vulnerable Software and Affected Versions Horner Automation's Cscape versions 9.90 SP7 and prior

Description The issue is related to improper validation of user-supplied data, which can lead to a buffer overflow in memory. This can be exploited if a user opens a maliciously formed FNT file, allowing an attacker to execute arbitrary code within the current process.

Recommendations For versions 9.90 SP7 and prior, consider avoiding the use of FNT files from untrusted sources until a patch is available. As a temporary workaround, restrict access to the functionality that handles FNT files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.