Lucene search

IcscertCVELIST:CVE-2024-37022

HistoryJun 13, 2024 - 5:25 p.m.

CVE-2024-37022 Fuji Electric Tellus Lite V-Simulator Out-of-bounds Write

2024-06-1317:25:49

CWE-787

icscert

www.cve.org

fuji electric

tellus lite

v-simulator

out-of-bounds write

cve-2024-37022

memory manipulation

arbitrary code execution

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.5 High

CVSS4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

PASSIVE

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N

0.001 Low

EPSS

Percentile

32.6%

JSON

Fuji Electric Tellus Lite V-Simulator is vulnerable to an out-of-bounds write, which could allow an attacker to manipulate memory, resulting in execution of arbitrary code.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Tellus Lite V-Simulator",
    "vendor": "Fuji Electric",
    "versions": [
      {
        "lessThan": "4.0.20.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.cisa.gov/news-events/ics-advisories/icsa-24-165-14

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.5 High

CVSS4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

PASSIVE

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N

0.001 Low

EPSS

Percentile

32.6%

JSON

Related for CVELIST:CVE-2024-37022