从这个网页截图中可以获取到关于漏洞的关键信息如下: CVE ID: CVE-2022-40661 CVSS Score: 7.8, AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Vendors: NIKON Affected Products: NIS-Elements Viewer Vulnerability Details: - This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer. - User interaction is required to exploit this vulnerability. - The specific flaw exists within the parsing of BMP images due to lack of proper validation of data length before copying to a heap-based buffer. Mitigation: Given the nature of the vulnerability, the only salient mitigation strategy is to restrict interaction with the application. Disclosure Timeline: - 2022-03-29 - Vulnerability reported to vendor - 2022-09-14 - Coordinated public release of advisory Credit: Mat Powell of Trend Micro Zero Day Initiative