CVE-2022-40984

EUVD-2022-44230
Stack-based buffer overflow in WTViewerE series WTViewerE 761941 from 1.31 to 1.61 and WTViewerEfree from 1.01 to 1.52 allows an attacker to cause the product to crash by processing a long file name.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 70%
Affected Products (NVD)
VendorProductVersion
yokogawawtviewere_761941
1.31 ≤
𝑥
< 1.62
yokogawawtviewerefree
1.01 ≤
𝑥
< 1.53
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cdn.aff.yokogawa.com/8/756/details/Vulnerability_in_YOKOGAWA_application_software_WTViewerE_r0_e.pdf
https://jvn.jp/en/vu/JVNVU99955870/index.html
https://cdn.aff.yokogawa.com/8/756/details/Vulnerability_in_YOKOGAWA_application_software_WTViewerE_r0_e.pdf
https://jvn.jp/en/vu/JVNVU99955870/index.html