Out-of-Bounds Read Vulnerability in V-Server and V-Server Lite by Fuji Electric
CVE-2022-30549

7.8HIGH

Key Information:

Vendor

Fuji Electric Co., Ltd. / Hakko Electronics Co., Ltd.

Status
V-server And V-server Lite
Vendor
CVE Published:
16 June 2022

What is CVE-2022-30549?

An out-of-bounds read vulnerability exists in the V-Server software, versions prior to 4.0.11.0, and V-Server Lite, versions prior to 4.0.13.0. This vulnerability can be exploited when a user is tricked into opening a specially crafted image file. If successfully exploited, it may allow an attacker to access sensitive information or potentially execute arbitrary code within the affected application. Users of these versions should apply any available updates to mitigate this risk.

Affected Version(s)

V-Server and V-Server Lite V-Server v4.0.11.0 and earlier, and V-Server Lite v4.0.13.0 and earlier

References

https://monitouch.fujielectric.com/site/download-e/09vsft...
x_refsource_MISC
https://monitouch.fujielectric.com/site/download-eu/03tel...
x_refsource_MISC
https://jvn.jp/en/vu/JVNVU93134398/index.html
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.