Fujielectric Security Vulnerabilities
An issue was discovered in Fuji Electric V-Server Version 3.3.22.0 and prior. A memory corruption vulnerability has been identified (aka improper restriction of operations within the bounds of a memory buffer), which may allow remote code execution.
7.3CVSS
7.7AI Score
0.021EPSS
A Stack-Based Buffer Overflow issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. The stack-based buffer overflow vulnerability has been identified, which may cause a crash or allow remote code execution.
8.8CVSS
9.1AI Score
0.108EPSS
A Heap-Based Buffer Overflow was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. A heap-based buffer overflow vulnerability has been identified, which may cause a crash or allow remote code execution.
8.8CVSS
9.1AI Score
0.055EPSS
An Improper Privilege Management issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. Monitouch V-SFT is installed in a directory with weak access controls by default, which could allow an authenticated attacker with local access to escalate privileges.
5.3CVSS
5.2AI Score
0.0005EPSS
A maliciously crafted project file may cause a buffer overflow, which may allow the attacker to execute arbitrary code that affects Fuji Electric V-Server Lite 4.0.3.0 and prior.
7.8CVSS
7.9AI Score
0.001EPSS
Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. A buffer overflow information disclosure vulnerability occurs when parsing certain file types.
5.3CVSS
5.3AI Score
0.001EPSS
Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. A buffer over-read vulnerability may allow remote code execution on the device.
9.8CVSS
9.8AI Score
0.008EPSS
Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. The device does not perform a check on the length/size of a project file before copying the entire contents of the file to a heap-based buffer.
9.8CVSS
9AI Score
0.002EPSS
Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. The program does not properly parse FNC files that may allow for information disclosure.
5.3CVSS
5.1AI Score
0.001EPSS
Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. The program does not properly check user-supplied comments which may allow for arbitrary remote code execution.
9.8CVSS
9.7AI Score
0.008EPSS
Fuji Electric V-Server 4.0.3.0 and prior, A use after free vulnerability has been identified, which may allow remote code execution.
9.8CVSS
9.8AI Score
0.017EPSS
Fuji Electric V-Server 4.0.3.0 and prior, Multiple untrusted pointer dereference vulnerabilities have been identified, which may allow remote code execution.
9.8CVSS
10AI Score
0.013EPSS
An uncontrolled search path element (DLL Hijacking) vulnerability has been identified in Fuji Electric Energy Savings Estimator versions V.1.0.2.0 and prior. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the application that utili...
7.8CVSS
7.5AI Score
0.001EPSS
Fuji Electric V-Server 4.0.3.0 and prior, A heap-based buffer overflow vulnerability has been identified, which may allow remote code execution.
9.8CVSS
10AI Score
0.01EPSS
Fuji Electric V-Server 4.0.3.0 and prior, Several out-of-bounds write vulnerabilities have been identified, which may allow remote code execution.
9.8CVSS
10AI Score
0.013EPSS
Fuji Electric V-Server 4.0.3.0 and prior, An integer underflow vulnerability has been identified, which may allow remote code execution.
9.8CVSS
9.7AI Score
0.007EPSS
Fuji Electric V-Server 4.0.3.0 and prior, An out-of-bounds read vulnerability has been identified, which may allow remote code execution.
9.8CVSS
9.7AI Score
0.013EPSS
Fuji Electric V-Server 4.0.3.0 and prior, A stack-based buffer overflow vulnerability has been identified, which may allow remote code execution.
9.8CVSS
10AI Score
0.01EPSS
A Stack-based Buffer Overflow issue was discovered in Fuji Electric V-Server VPR 4.0.1.0 and prior. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution.
9.8CVSS
9.9AI Score
0.016EPSS
An out-of-bounds read vulnerability has been identified in Fuji Electric Alpha7 PC Loader Versions 1.1 and prior, which may crash the system.
6.6CVSS
6.3AI Score
0.001EPSS
Fuji Electric FRENIC Loader 3.5.0.0 and prior is vulnerable to an out-of-bounds read vulnerability, which may allow an attacker to read limited information from the device.
3.3CVSS
3.8AI Score
0.001EPSS
Multiple buffer overflow issues have been identified in Alpha5 Smart Loader: All versions prior to 4.2. An attacker could use specially crafted project files to overflow the buffer and execute code under the privileges of the application.
7.8CVSS
7.9AI Score
0.009EPSS
In Fuji Electric V-Server 4.0.6 and prior, several heap-based buffer overflows have been identified, which may allow an attacker to remotely execute arbitrary code.
9.8CVSS
9.7AI Score
0.095EPSS
Fuji Electric V-Server before 6.0.33.0 is vulnerable to denial of service via a crafted UDP message sent to port 8005. An unauthenticated, remote attacker can crash vserver.exe due to an integer overflow in the UDP message handling logic.
7.5CVSS
7.5AI Score
0.003EPSS
Fuji Electric V-Server before 6.0.33.0 stores database credentials in project files as plaintext. An attacker that can gain access to the project file can recover the database credentials and gain access to the database server.
9.8CVSS
9.4AI Score
0.007EPSS
Fuji Electric V-Server Lite all versions prior to 4.0.9.0 contains a heap based buffer overflow. The buffer allocated to read data, when parsing VPR files, is too small.
7.8CVSS
7.5AI Score
0.007EPSS
The affected Fuji Electric V-Server Lite versions prior to 3.3.24.0 are vulnerable to an out-of-bounds write, which may allow an attacker to remotely execute arbitrary code.
7.8CVSS
7.7AI Score
0.001EPSS
Multiple stack-based buffer overflow issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).
7.8CVSS
8AI Score
0.002EPSS
An uninitialized pointer issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).
7.8CVSS
7.8AI Score
0.001EPSS
A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).
7.8CVSS
7.9AI Score
0.001EPSS
Multiple out-of-bounds write issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).
7.8CVSS
8AI Score
0.001EPSS
Multiple out-of-bounds read issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).
7.8CVSS
7.8AI Score
0.001EPSS
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an untrusted pointer dereference, which may allow an attacker to execute arbitrary code and cause the application to crash.
7.8CVSS
7.8AI Score
0.001EPSS
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an access of uninitialized pointer, which may allow an attacker read from or write to unexpected memory locations, leading to a denial-of-service.
7.8CVSS
7.4AI Score
0.001EPSS
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to a stack-based buffer overflow, which may allow an attacker to achieve code execution.
7.8CVSS
7.6AI Score
0.005EPSS
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable a heap-based buffer overflow when parsing a specially crafted project file, which may allow an attacker to execute arbitrary code.
7.8CVSS
8AI Score
0.002EPSS
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an out-of-bounds write, which can result in data corruption, a system crash, or code execution.
7.8CVSS
7.6AI Score
0.001EPSS
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an out-of-bounds read, which may allow an attacker to read sensitive information from other memory locations or cause a crash.
7.8CVSS
6.6AI Score
0.001EPSS
Fuji Electric D300win prior to version 3.7.1.17 is vulnerable to a write-what-where condition, which could allow an attacker to overwrite program memory to manipulate the flow of information.
9.1CVSS
9AI Score
0.001EPSS
Fuji Electric D300win prior to version 3.7.1.17 is vulnerable to an out-of-bounds read, which could allow an attacker to leak sensitive data from the process memory.
8.7CVSS
7.3AI Score
0.001EPSS
Alpha7 PC Loader (All versions) is vulnerable to a stack-based buffer overflow while processing a specifically crafted project file, which may allow an attacker to execute arbitrary code.
7.8CVSS
7.9AI Score
0.001EPSS
The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure.
5.5CVSS
5.1AI Score
0.001EPSS
The affected product is vulnerable to an out-of-bounds read, which may result in disclosure of sensitive information.
5.5CVSS
5.3AI Score
0.001EPSS
The affected product is vulnerable to a heap-based buffer overflow, which may lead to code execution.
7.8CVSS
7.8AI Score
0.001EPSS
The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.
7.8CVSS
7.8AI Score
0.002EPSS
The affected product is vulnerable to an out-of-bounds read, which may result in code execution
7.8CVSS
7.7AI Score
0.001EPSS
Heap-based buffer overflow exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.
7.8CVSS
7.8AI Score
0.001EPSS
Out-of-bounds read vulnerability exist in the simulator module contained in the graphic editor 'V-SFT' v6.1.3.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.
7.8CVSS
7.5AI Score
0.001EPSS
Use after free vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.
7.8CVSS
7.8AI Score
0.001EPSS
Out-of-bounds write vulnerability exists in V-Server v4.0.11.0 and earlier and V-Server Lite v4.0.13.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.
7.8CVSS
7.6AI Score
0.001EPSS