CVE-2023-22346

Published: Feb 13, 2023Modified: Mar 21, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing template information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.

Affected (2)

Products: Jtekt: Screen Creator Advance 2

1 product

Screen Creator Advance 2

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Jtekt Screen Creator Advance 2	Up to 0.1.1.4
Jtekt Screen Creator Advance 2	Version 0.1.1.4 build01

Related CWEs

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

References (6)

https://jvn.jp/en/vu/JVNVU98917488/

Source: vultures@jpcert.or.jp

PatchThird Party AdvisoryVDB Entry

https://www.electronics.jtekt.co.jp/en/topics/202302035233/

Source: vultures@jpcert.or.jp

PatchVendor Advisory

https://www.electronics.jtekt.co.jp/jp/topics/2023020313454/

Source: vultures@jpcert.or.jp

PatchVendor Advisory

https://jvn.jp/en/vu/JVNVU98917488/

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party AdvisoryVDB Entry

https://www.electronics.jtekt.co.jp/en/topics/202302035233/

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://www.electronics.jtekt.co.jp/jp/topics/2023020313454/

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.