CNNVD-202507-2714 Information
Jul 21, 2025
cve
CNNVD ID
CNNVD-202507-2714
Related CVE
- CNNVD Published: 2025-07-21
Description (Chinese)
INVT HMITool是中国英威腾(INVT)公司的一个HMI编程与配置软件。 INVT HMITool存在缓冲区错误漏洞,该漏洞源于解析VPM文件时存在越界写入,可能导致远程代码执行。
Description (English)
INVT Hmitool is a HMI programming and configuration software of the Chinese company INVT. INVT HMITool has an error loophole in the buffer zone, which stems from the cross-border writing of VPM files when they are analysed, which may lead to remote code execution.
Hazard Level
Medium
Vulnerability Type
缓冲区错误
Affected Vendor
英威腾
Published
2025-07-21
Last Modified
2026-02-24
References
https://www.zerodayinitiative.com/advisories/ZDI-25-475/
Patch
https://www.invt.com/software-download
Share on: