CVE-2022-46360

Name of the Vulnerable Software and Affected Versions V-SFT versions 6.1.7.0 and earlier TELLUS versions 4.0.12.0 and earlier

Description The issue allows a local attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file. This is due to an out-of-bounds read vulnerability.

Recommendations For V-SFT versions 6.1.7.0 and earlier, update to a version later than 6.1.7.0 to resolve the issue. For TELLUS versions 4.0.12.0 and earlier, update to a version later than 4.0.12.0 to resolve the issue. As a temporary workaround, consider restricting the opening of image files from untrusted sources to minimize the risk of exploitation.