Lucene search

JpcertCVE-2023-29160

HistoryJun 13, 2023 - 10:15 a.m.

CVE-2023-29160

2023-06-1310:15:10

CWE-787

jpcert

web.nvd.nist.gov

cve

2023

29160

buffer overflow

vulnerability

frenic rhc loader

security

nvd

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

26.0%

JSON

Stack-based buffer overflow vulnerability exists in FRENIC RHC Loader v1.1.0.3. If a user opens a specially crafted FNE file, sensitive information on the system where the affected product is installed may be disclosed or arbitrary code may be executed.

Affected configurations

Nvd

Vulners

Node

fujielectricfrenic_rhc_loaderRange≤1.1.0.3

VendorProductVersionCPE
fujielectricfrenic_rhc_loader*cpe:2.3:a:fujielectric:frenic_rhc_loader:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
fujielectric	frenic_rhc_loader	*	cpe:2.3:a:fujielectric:frenic_rhc_loader::::::::

CNA Affected

[
  {
    "vendor": "FUJI ELECTRIC CO., LTD.",
    "product": "FRENIC RHC Loader",
    "versions": [
      {
        "version": "v1.1.0.3 and earlier",
        "status": "affected"
      }
    ]
  }
]

References

felib.fujielectric.co.jp/download/details.htm?dataid=45829407&site=global&lang=en

jvn.jp/en/vu/JVNVU97809354/

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

26.0%

JSON

Related for CVE-2023-29160