Use After Free Vulnerability in CX-Programmer by Yokogawa
CVE-2022-25230
7.8HIGH
What is CVE-2022-25230?
A use after free vulnerability has been identified in CX-Programmer up to version 9.76.1, which is part of the CX-One suite version 4.60. This vulnerability allows an attacker to exploit the software by tricking a user into opening a specially crafted CXP file. Successful exploitation can lead to information disclosure and potential arbitrary code execution, posing significant security risks for users.
Affected Version(s)
CX-Programmer CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite