PT-2023-16407 · Unknown · Cscape Envision Rv

Michael Heinzl · Published 2023-03-09 · Updated 2025-01-17 · CVE-2023-0622

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Cscape Envision RV version 4.60

Description: The issue is related to an out-of-bounds write vulnerability when parsing project files, also known as HMI files. This occurs due to the product's lack of proper validation of user-supplied data, which could result in writes past the end of allocated data structures. An attacker could leverage this to execute arbitrary code in the context of the current process.

Recommendations: For Cscape Envision RV version 4.60, consider updating to a newer version that addresses the out-of-bounds write vulnerability, although the specific fixed version is not provided in the available information. As a temporary workaround, restricting the parsing of project files from untrusted sources may help minimize the risk of exploitation.

Fix

Memory Corruption

Weakness Enumeration

Related Identifiers: CVE-2023-0622

Affected Products: Cscape Envision Rv