Lucene search

IcscertVULNRICHMENT:CVE-2024-37029

HistoryJun 13, 2024 - 5:23 p.m.

CVE-2024-37029 Fuji Electric Tellus Lite V-Simulator Stack-based Buffer Overflow

2024-06-1317:23:40

CWE-121

icscert

github.com

fuji electric

tellus lite

vulnerable

buffer overflow

arbitrary code

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.5 High

CVSS4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

PASSIVE

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N

7.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.9%

JSON

Fuji Electric Tellus Lite V-Simulator
is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary code.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Tellus Lite V-Simulator",
    "vendor": "Fuji Electric",
    "versions": [
      {
        "lessThan": "4.0.20.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.cisa.gov/news-events/ics-advisories/icsa-24-165-14

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.5 High

CVSS4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

PASSIVE

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N

7.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.9%

JSON

Related for VULNRICHMENT:CVE-2024-37029