CVE-2024-31412

Name of the Vulnerable Software and Affected Versions CX-One CXONE-AL[][]D-V4 versions 9.81 and earlier

Description The issue is related to an out-of-bounds read vulnerability in CX-Programmer. This vulnerability can be exploited by opening a specially crafted project file, potentially leading to information disclosure and/or causing the product to crash. The exploitation may allow an attacker to crash the application or disclose protected information.

Recommendations For versions 9.81 and earlier, consider avoiding the use of specially crafted project files until a patch is available. As a temporary workaround, restrict the opening of project files from untrusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.