Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-32542: Multiple vulnerabilities in Fuji Electric products

Out-of-bounds read vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution.

CVE
Open in Source
#vulnerability#buffer_overflow

Published:2023/06/08 Last Updated:2023/06/08

Overview

Fuji Electric V-Server, V-Server Lite, TELLUS, and TELLUS Lite contain multiple vulnerabilities.

Products Affected

CVE-2023-31239

  • V-Server v4.0.15.0 and earlier
  • V-Server Lite v4.0.15.0 and earlier

CVE-2023-32538, CVE-2023-32273, CVE-2023-32201

  • TELLUS v4.0.15.0 and earlier
  • TELLUS Lite v4.0.15.0 and earlier

CVE-2023-32288

  • TELLUS v4.0.15.0 and earlier
  • TELLUS Lite v4.0.15.0 and earlier

CVE-2023-32276, CVE-2023-32270, CVE-2023-32542

  • TELLUS v4.0.15.0 and earlier
  • TELLUS Lite v4.0.15.0 and earlier

Description

Multiple vulnerabilities listed below exist in the simulator module and the remote monitoring software ‘V-Server Lite’ and ‘V-Server’ contained in the graphic editor 'V-SFT’, and the remote monitoring software ‘TELLUS’ and ‘TELLUS Lite’ provided by FUJI ELECTRIC CO., LTD.

  • Stack-based buffer overflow in V-Serve, V-Server Lite (CWE-121) - CVE-2023-31239

    CVSS v3

    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

    Base Score: 7.8

  • Stack-based buffer overflow in TELLUS, TELLUS Lite (CWE-121) - CVE-2023-32538, CVE-2023-32273, CVE-2023-32201

    CVSS v3

    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

    Base Score: 7.8

  • Out-of-bounds read in TELLUS, TELLUS Lite (CWE-125) - CVE-2023-32288

    CVSS v3

    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

    Base Score: 7.8

  • Stack-based buffer overflow in TELLUS, TELLUS Lite (CWE-121) - CVE-2023-32276

    CVSS v3

    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

    Base Score: 7.8

  • Access of memory location after end of buffer in TELLUS, TELLUS Lite (CWE-788) - CVE-2023-32270

    CVSS v3

    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

    Base Score: 7.8

  • Out-of-bounds read in TELLUS, TELLUS Lite (CWE-125) - CVE-2023-32542

    CVSS v3

    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

    Base Score: 7.8

Impact

CVE-2023-31239
Opening a specially crafted VPR file may lead to arbitrary code execution.

CVE-2023-32538, CVE-2023-32273, CVE-2023-32201
Opening a specially crafted SIM2 file may lead to information disclosure and/or arbitrary code execution.

CVE-2023-32288
Opening a specially crafted SIM file may lead to information disclosure and/or arbitrary code execution.

CVE-2023-32276, CVE-2023-32270, CVE-2023-32542
Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution.

Solution

Update the software
Update the software to the latest version according to the information provided by the developer.

Vendor Status

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Michael Heinzl reported these vulnerabilities to JPCERT/CC.
JPCERT/CC coordinated with the developer.

Other Information

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE