You are here

EZAutomation EZ Touch Editor (ICSA-19-246-01)

EZAutomation EZ Touch Editor (ICSA-19-246-01)

Created: Wednesday, September 4, 2019 - 10:23
Categories:
Cybersecurity

The NCCIC has published an advisory on a stack-based buffer overflow vulnerability in EZAutomation EZ Touch Editor. Versions 2.1.0 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of the application. EZAutomation recommends users update to Version 2.2.0 or later and, to further reduce the risk, to use project files from known sources. The NCCIC also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.