A heap-based buffer overflow vulnerability exists within the WECON LeviStudioU Release Build 2019-09-21 and prior when processing project files. Opening a specially crafted project file could allow an attacker to exploit and execute code under the privileges of the application.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25199
Reference (s):
- https://us-cert.cisa.gov/ics/advisories/icsa-20-238-03
- URL: https://us-cert.cisa.gov/ics/advisories/icsa-20-238-03