CVE-2023-40152

2023-11-2201:15:08

CWE-787

[email protected]

web.nvd.nist.gov

fuji electric

tellus lite

v-simulator

out of bounds write

cve-2023-40152

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.8%

JSON

When Fuji Electric Tellus Lite V-Simulator parses a specially-crafted input file an out of bounds write may occur.

Affected configurations

NVD

Node

fujielectrictellus_lite_v-simulatorRange<4.0.19.0

CPENameOperatorVersion
fujielectric:tellus_lite_v-simulatorfujielectric tellus lite v-simulatorlt4.0.19.0

CPE	Name	Operator	Version
fujielectric:tellus_lite_v-simulator	fujielectric tellus lite v-simulator	lt	4.0.19.0

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Tellus Lite V-Simulator",
    "vendor": "Fuji Electric",
    "versions": [
      {
        "lessThan": "4.0.19.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]