CVE-2020-23890: 
WildBit Viewer vulnerability analysis and mitigation

CVE-2020-23890 is a buffer overflow vulnerability discovered in WildBit Viewer version 6.6. The vulnerability was disclosed on November 10, 2021, and affects the JPG file handling functionality of the application. This security flaw allows attackers to cause a denial of service (DoS) condition through the use of a specially crafted JPG file (AttackerKB).

The vulnerability is related to a buffer overflow condition where data from a faulting address is used as arguments in a subsequent function call, specifically starting at JPGCodec+0x753648. The vulnerability has a CVSS v3.1 Base Score of 5.5 (Medium), with an Impact Score of 3.6 and Exploitability Score of 1.8. The attack vector is Local, requires low attack complexity, needs no privileges, but does require user interaction (AttackerKB).

When successfully exploited, the vulnerability can lead to a denial of service condition in WildBit Viewer. The impact is primarily focused on the availability of the application, with no reported impact on confidentiality or integrity (AttackerKB).

Users should upgrade to a newer version of WildBit Viewer beyond version 6.6 to mitigate this vulnerability (WildBit Software).