Description
CX-Motion-MCH v2.32 and earlier contains an access of uninitialized pointer vulnerability. Having a user to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.
References
https://jvn.jp/en/vu/JVNVU91744508/index.html
Third Party Advisory
https://jvn.jp/en/vu/JVNVU91744508/index.html
Third Party Advisory
CVSS impact metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 · High
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Modified
Published
2023-01-17T10:15:11.943
2 years agoLast modified
2025-04-03T20:15:21.643
3 months ago