Published:2022/05/26  Last Updated:2022/05/26

JVNVU#93134398
Multiple vulnerabilities in Fuji Electric V-SFT, V-Server and V-Server Lite

Overview

V-SFT, V-Server and V-Server Lite provided by FUJI ELECTRIC CO., LTD. contain multiple vulnerabilities.

Products Affected

  • V-SFT v6.1.3.0 and earlier
  • V-Server v4.0.11.0 and earlier
  • V-Server Lite v4.0.13.0 and earlier

Description

Multiple vulnerabilities listed below exist in the simulator module contained in the graphic editor "V-SFT" and the remote monitoring software "V-Server" and "V-Server Lite" provided by FUJI ELECTRIC CO., LTD.

  • Out-of-bounds Read in V-SFT (CWE-125) - CVE-2022-29506
  • Out-of-bounds Read in V-Server and V-Server Lite (CWE-125) - CVE-2022-30549
  • Out-of-bounds Write in V-Server and V-Server Lite (CWE-787) - CVE-2022-29524

Impact

Exploiting these vulnerabilities by having a user to open a specially crafted image file may result in the following impacts.

  • Information disclosure
  • Arbitrary code execution

Solution

Update the software
Update the software to the latest version according to the information provided by the developer.
The respective products/versions listed below contain the fixes for these vulnerabilities.

  • V-SFT v6.1.6.0 (Improvement information 2240H36)
  • V-Server V4.0.12.0 and V-Server Lite V4.0.13.0a (Improvement information 2250S01)

Vendor Status

Vendor Link
FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd. Improvement information 2240H36
Improvement information 2250S01

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

CVSS v3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score: 7.8
Attack Vector(AV) Physical (P) Local (L) Adjacent (A) Network (N)
Attack Complexity(AC) High (H) Low (L)
Privileges Required(PR) High (H) Low (L) None (N)
User Interaction(UI) Required (R) None (N)
Scope(S) Unchanged (U) Changed (C)
Confidentiality Impact(C) None (N) Low (L) High (H)
Integrity Impact(I) None (N) Low (L) High (H)
Availability Impact(A) None (N) Low (L) High (H)

Credit

Michael Heinzl reported these vulnerabilities to JPCERT/CC.
JPCERT/CC coordinated with the developer.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2022-29506
CVE-2022-30549
CVE-2022-29524
JVN iPedia