Lucene search

JpcertVULNRICHMENT:CVE-2024-40895

HistoryJul 30, 2024 - 8:37 a.m.

CVE-2024-40895

2024-07-3008:37:07

jpcert

github.com

cve-2024-40895

ffri amc

remote unauthenticated attacker

arbitrary os commands

notification program

batch file

command file

AI Score

8.1

Confidence

High

EPSS

0.001

Percentile

16.3%

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

FFRI AMC versions 3.4.0 to 3.5.3 and some OEM products that implement/bundle FFRI AMC versions 3.4.0 to 3.5.3 allow a remote unauthenticated attacker to execute arbitrary OS commands when certain conditions are met in an environment where the notification program setting is enabled and the executable file path is set to a batch file (.bat) or command file (.cmd) extension.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:ffri:ffri_amc:3.4.0:*:*:*:*:*:*:*"
    ],
    "vendor": "ffri",
    "product": "ffri_amc",
    "versions": [
      {
        "status": "affected",
        "version": "3.4.0",
        "lessThan": "3.5.3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:skygroup:edr_plus_pack:3.4.0:*:*:*:*:*:*:*"
    ],
    "vendor": "skygroup",
    "product": "edr_plus_pack",
    "versions": [
      {
        "status": "affected",
        "version": "3.4.0",
        "lessThan": "3.5.3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:skygroup:edr_plus_pack_cloud:3.4.0:*:*:*:*:*:*:*"
    ],
    "vendor": "skygroup",
    "product": "edr_plus_pack_cloud",
    "versions": [
      {
        "status": "affected",
        "version": "3.4.0",
        "lessThan": "3.5.3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

jvn.jp/en/jp/JVN26734798/

www.ffri.jp/assets/files/other_docs/20240729.pdf

www.skyseaclientview.net/news/240729_01/

www.support.nec.co.jp/View.aspx?id=3140109694