CVE-2022-40656

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Sep 15, 2022

Updated: Jan 7, 2025

CWE ID 125

Summary

CVE-2022-40656 is a vulnerability affecting NIKON NIS-Elements Viewer 13.2.0.21165, which allows remote attackers to execute arbitrary code. This exploit requires user interaction, as the target must visit a malicious webpage or open a specially crafted ND2 file. The flaw resides in the ND2 file parsing process, causing a read beyond the end of an allocated buffer. An attacker can subsequently execute code in the context of the current process. This vulnerability was identified as ZDI-CAN-15072.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Nikon

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/n-Honr
https://www.cve.org/CVERecord?id=CVE-2022-40656
https://nvd.nist.gov/vuln/detail/CVE-2022-40656

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2022-40656

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations