PT-2023-6868 · Tellus+1 · Tellus+1
Michael Heinzl
·
Published
2023-11-10
·
Updated
2024-08-12
·
CVE-2023-47581
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
TELLUS versions 4.0.17.0 and earlier
TELLUS Lite versions 4.0.17.0 and earlier
Description
An out-of-bounds read issue exists, potentially allowing information disclosure and/or arbitrary code execution when a user opens a specially crafted file, such as X1, V8, or V9 files. This could be exploited by a remote attacker using such files.
Recommendations
For TELLUS versions 4.0.17.0 and earlier, consider avoiding the use of X1, V8, or V9 files until a patch is available.
For TELLUS Lite versions 4.0.17.0 and earlier, consider avoiding the use of X1, V8, or V9 files until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tellus
Tellus Lite