CVE-2023-39341

🗓️ 09 Aug 2023 02:42:51Reported by jpcertType

"FFRI yarai" and OEM products DoS vulnerabilit

Reporter	Title	Published	Views	Family All 9
CNNVD	FFRI yarai security breach	7 Aug 202300:00	–	cnnvd
Cvelist	CVE-2023-39341	9 Aug 202302:42	–	cvelist
EUVD	EUVD-2023-43072	3 Oct 202520:07	–	euvd
Japan Vulnerability Notes	JVN#42527152: "FFRI yarai" and "FFRI yarai Home and Business Edition" handle exceptional conditions improperly	7 Aug 202300:00	–	jvn
Japan Vulnerability Notes	"FFRI yarai" and "FFRI yarai Home and Business Edition" handle exceptional conditions improperly	7 Aug 202308:39	–	jvn
NVD	CVE-2023-39341	9 Aug 202303:15	–	nvd
OSV	CVE-2023-39341	9 Aug 202303:15	–	osv
Prion	Race condition	9 Aug 202303:15	–	prion
Vulnrichment	CVE-2023-39341	9 Aug 202302:42	–	vulnrichment

NVD

Vulners

Node

ffri dual_safeMatch1.4.1

ffri ffri_yaraiRange3.4.0–3.4.6-

ffri ffri_yaraiMatch1.4.0home_and_business

ffri ffri_yaraiMatch3.5.0-

Node

soliton infotrace_mark_ii_malware_protectionRange3.0.1–3.2.2

soliton zeronaRange3.2.32–3.2.36

soliton zerona_plusRange3.2.32–3.2.36

Node

nec actsecure_x_managed_security_serviceRange3.4.0–3.4.6

nec actsecure_x_managed_security_serviceMatch3.5.0

Node

skygroup edr_plus_packRange3.4.0–3.4.6

skygroup edr_plus_packMatch3.5.0

skygroup edr_plus_pack_cloudRange3.4.0–3.4.6

skygroup edr_plus_pack_cloudMatch3.5.0

[
  {
    "vendor": "FFRI Security, Inc. ",
    "product": "FFRI yarai",
    "versions": [
      {
        "version": "versions 3.4.0 to 3.4.6 and 3.5.0",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "FFRI Security, Inc. ",
    "product": "FFRI yarai Home and Business Edition",
    "versions": [
      {
        "version": "version 1.4.0",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Soliton Systems K.K.",
    "product": "InfoTrace Mark II Malware Protection (Mark II Zerona)",
    "versions": [
      {
        "version": "versions 3.0.1 to 3.2.2",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Soliton Systems K.K.",
    "product": "Zerona / Zerona PLUS",
    "versions": [
      {
        "version": " versions 3.2.32 to 3.2.36",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "NEC Corporation",
    "product": "ActSecure χ",
    "versions": [
      {
        "version": "versions 3.4.0 to 3.4.6 and 3.5.0",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "SOURCENEXT CORPORATION ",
    "product": "Dual Safe Powered by FFRI yarai",
    "versions": [
      {
        "version": "version 1.4.1",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Sky Co., Ltd.",
    "product": "EDR Plus Pack",
    "versions": [
      {
        "version": "Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Sky Co., Ltd.",
    "product": "EDR Plus Pack Cloud",
    "versions": [
      {
        "version": "Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
sourcenext	www.sourcenext.com/support/i/2023/230718_01
soliton	www.soliton.co.jp/support/zerona_notice_2023.html
jvn	www.jvn.jp/en/jp/JVN42527152/
support	www.support.nec.co.jp/View.aspx
ffri	www.ffri.jp/security-info/index.htm
skyseaclientview	www.skyseaclientview.net/news/230807_01/

21 Nov 2024 08:15Current

4.2Medium risk

Vulners AI Score4.2

CVSS 3.13.3

EPSS0.00033

SSVC

CWE-755