CVE-2022-43448

Name of the Vulnerable Software and Affected Versions V-SFT versions 6.1.7.0 and earlier TELLUS versions 4.0.12.0 and earlier

Description The issue is an out-of-bounds write vulnerability that allows a local attacker to obtain information and/or execute arbitrary code. This can be achieved by having a user open a specially crafted image file.

Recommendations For V-SFT versions 6.1.7.0 and earlier, update to a version later than 6.1.7.0 to resolve the issue. For TELLUS versions 4.0.12.0 and earlier, update to a version later than 4.0.12.0 to resolve the issue. As a temporary workaround, consider restricting the opening of image files from untrusted sources to minimize the risk of exploitation.