Published:2023/06/08  Last Updated:2023/06/08

JVNVU#98818508
Multiple vulnerabilities in Fuji Electric products

Overview

Fuji Electric V-Server, V-Server Lite, TELLUS, and TELLUS Lite contain multiple vulnerabilities.

Products Affected

CVE-2023-31239

  • V-Server v4.0.15.0 and earlier
  • V-Server Lite v4.0.15.0 and earlier
CVE-2023-32538, CVE-2023-32273, CVE-2023-32201
  • TELLUS v4.0.15.0 and earlier
  • TELLUS Lite v4.0.15.0 and earlier
CVE-2023-32288
  • TELLUS v4.0.15.0 and earlier
  • TELLUS Lite v4.0.15.0 and earlier
CVE-2023-32276, CVE-2023-32270, CVE-2023-32542
  • TELLUS v4.0.15.0 and earlier
  • TELLUS Lite v4.0.15.0 and earlier

Description

Multiple vulnerabilities listed below exist in the simulator module and the remote monitoring software 'V-Server Lite' and 'V-Server' contained in the graphic editor 'V-SFT', and the remote monitoring software 'TELLUS' and 'TELLUS Lite' provided by FUJI ELECTRIC CO., LTD.

  • Stack-based buffer overflow in V-Serve, V-Server Lite (CWE-121) - CVE-2023-31239
    CVSS v3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Base Score: 7.8
  • Stack-based buffer overflow in TELLUS, TELLUS Lite (CWE-121) - CVE-2023-32538, CVE-2023-32273, CVE-2023-32201
    CVSS v3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Base Score: 7.8
  • Out-of-bounds read in TELLUS, TELLUS Lite (CWE-125) - CVE-2023-32288
    CVSS v3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Base Score: 7.8
  • Stack-based buffer overflow in TELLUS, TELLUS Lite (CWE-121) - CVE-2023-32276
    CVSS v3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Base Score: 7.8
  • Access of memory location after end of buffer in TELLUS, TELLUS Lite (CWE-788) - CVE-2023-32270
    CVSS v3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Base Score: 7.8
  • Out-of-bounds read in TELLUS, TELLUS Lite (CWE-125) - CVE-2023-32542
    CVSS v3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Base Score: 7.8

Impact

CVE-2023-31239
Opening a specially crafted VPR file may lead to arbitrary code execution.

CVE-2023-32538, CVE-2023-32273, CVE-2023-32201
Opening a specially crafted SIM2 file may lead to information disclosure and/or arbitrary code execution.

CVE-2023-32288
Opening a specially crafted SIM file may lead to information disclosure and/or arbitrary code execution.

CVE-2023-32276, CVE-2023-32270, CVE-2023-32542
Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution.

Solution

Update the software
Update the software to the latest version according to the information provided by the developer.

Vendor Status

Vendor Link
FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd. Improvement information 2350S05
Improvement information 2350Q03

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Michael Heinzl reported these vulnerabilities to JPCERT/CC.
JPCERT/CC coordinated with the developer.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2023-31239
CVE-2023-32201
CVE-2023-32270
CVE-2023-32273
CVE-2023-32276
CVE-2023-32288
CVE-2023-32538
CVE-2023-32542
JVN iPedia