CVE-2022-1405 CNCSoft did not properly sanitize input, which allowed for a possible buffer overflow.
This issue could potentially result in the crash of the application. All users running a version prior to 1.01.32 are advised to update as soon as possible. A new hotfix has been released for Version 1.01.32 on July 29, 2017 which resolves this issue. All users running a version prior to 1.01.32 are advised to update as soon as possible.
Credential Management: All versions prior to 1.03.07 allows the use of special characters in the password field of a login form, which could result in a random password being displayed to the user.
Arma 3: All versions prior to 1.02.18 allows remote attackers to bypass the Steam Guard Protection via a crafted in-game server message.
Arma 3: All versions prior to 1.02.18 allows remote attackers to bypass the Steam Guard Protection via a crafted in-game server message.
Arma 3: All versions prior to 1.02.18 allows remote attackers to bypass the Steam Guard Protection via a crafted in-game server message.
A new hotfix has been released for Version 1.02.18 on July 25, 2017 which resolves these issues. All users running a version prior to 1.02.18 are advised to update as soon as possible.
Elevator: All versions prior to 1.12.01 does not properly sanitize input, allowing a possible buffer overflow and remote code execution
Windows-only vulnerabilities CVE-2022-1405
This issue could potentially result in the crash of the application. All users running a version prior to 1.01.32 are advised to update as soon as possible. A new hotfix has been released for Version 1.01.32 on July 29, 2017 which resolves this issue. All users running a version prior to 1.01.32 are advised to update as soon as possible.
Credential Management: All versions prior to 1.03.07 allows the use of special characters in the password field of a login form, which could result in a random password being displayed to the user.
Arma 3: All versions prior to 1.02.18 allows remote attackers to bypass the Steam Guard Protection via a crafted in-game server message.
Arma 3: All versions prior to 1.02.18 allows remote attackers to bypass the Steam Guard Protection via a crafted in-game server message.
Crash: CVE-2022-1405
All users running a version prior to 1.02.18 are advised to update as soon as possible. A new hotfix has been released for Version 1.02.18 on July 25, 2017 which resolves this issue. All users running a version prior to 1.02.18 are advised to update as soon as possible.
Credential Management: All versions prior to 1.03.07 allows the use of special characters in the password field of a login form, which could result in a random password being displayed to the user.
Firmware Updates
There are a few different types of firmware updates that can be obtained for your device.
1. Firmware update downloads
These downloads can be found on our website and will be provided to you in the form of an .exe file.
2. "Firmware Over-the-Air" (OTA) update
These OTA updates will be pushed out to devices automatically with no need to download anything first. They cannot be manually forced and will not overwrite other versions of the firmware on your phone.
Timeline
Published on: 08/31/2022 16:15:00 UTC
Last modified on: 09/05/2022 03:20:00 UTC