CVE-2022-26302
CVE-2022-26302
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
14 Jun 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Heap-based buffer overflow exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.
Affected products
FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd. · V-SFT