CVE-2023-47581

2023-11-1505:40:54

jpcert

github.com

out-of-bounds read

tellus v4.0.17.0

tellus lite v4.0.17.0

arbitrary code execution

information disclosure

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

Out-of-bounds read vulnerability exists in TELLUS V4.0.17.0 and earlier and TELLUS Lite V4.0.17.0 and earlier. If a user opens a specially crafted file (X1, V8, or V9 file), information may be disclosed and/or arbitrary code may be executed.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:fujielectric_and_hakko_electronics:tellus:*:*:*:*:*:*:*:*"
    ],
    "vendor": "fujielectric_and_hakko_electronics",
    "product": "tellus",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.0.17.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:fujielectric_and_hakko_electronics:tellus_lite:*:*:*:*:*:*:*:*"
    ],
    "vendor": "fujielectric_and_hakko_electronics",
    "product": "tellus_lite",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.0.17.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]