PT-2023-31954 · Royal · Royal Ts

Gjoko Krstic · Published 2023-12-30 · Updated 2024-01-10 · CVE-2023-52277

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Royal RoyalTSX version 6.0.2.1 and earlier

Description: The issue allows attackers to cause a denial of service, resulting in heap memory corruption and application crash, or possibly have unspecified other impact via a long hostname in an RTSZ file. This occurs when the victim clicks on Test Connection, during SecureGatewayHost object processing in the createNWConnection() function.

Recommendations: For Royal RoyalTSX version 6.0.2.1 and earlier, update to version 6.0.2.1 or later to resolve the issue. As a temporary workaround, consider avoiding the use of long hostnames in RTSZ files and restricting the Test Connection feature until a patch is applied.

Fix

Memory Corruption

Weakness Enumeration

Related Identifiers: CVE-2023-52277

Affected Products: Royal Ts