Fuji Electric D300win Out-of-bounds Read
CVE-2022-1738

8.7HIGH

Key Information:

Vendor: Fuji Electric
Status: D300win
Vendor: CVE Published:; 30 August 2022

🔔 Create Fuji Electric Vulnerability Alert

What is CVE-2022-1738?

Fuji Electric D300win prior to version 3.7.1.17 is vulnerable to an out-of-bounds read, which could allow an attacker to leak sensitive data from the process memory.

Affected Version(s)

D300win 3.7.1.16 < 3.7.1.17

References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-05

CVSS V3.1

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 30, 2022
Vulnerability Reserved
May 16, 2022

Credit

Uri Katz from Claroty reported these vulnerabilities to CISA.

JSON