CVE-2020-23893: 
WildBit Viewer vulnerability analysis and mitigation

A User Mode Write Access Violation (AV) vulnerability exists in WildBit Viewer version 6.6, specifically in the Editor!TMethodImplementationIntercept+0x3c3682 component. This vulnerability was assigned CVE-2020-23893 and was disclosed on November 10, 2021. The vulnerability affects the application's handling of TIFF file formats (AttackerKB).

The vulnerability is characterized by a User Mode Write Access Violation that occurs when processing crafted TIFF files. The issue manifests in the Editor!TMethodImplementationIntercept+0x3c3682 component of WildBit Viewer v6.6. The vulnerability has been assigned a CVSS v3.1 Base Score of 5.5 (Medium), with the following vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H. The attack requires local access and user interaction, but no privileges (AttackerKB).

When successfully exploited, this vulnerability allows attackers to cause a denial of service (DoS) condition in WildBit Viewer. The impact is primarily focused on the availability of the application, with no direct impact on confidentiality or integrity (AttackerKB).

Users should upgrade to a newer version of WildBit Viewer beyond version 6.6. The latest version available is 6.14 as of August 2024 (WildBit Software).