Stack-Based Buffer Overflow in Fuji Electric Tellus Lite V-Simulator
CVE-2022-3085

7.8HIGH

Key Information:

Vendor: Fuji Electric
Status: Tellus Lite V-simulator
Vendor: CVE Published:; 19 January 2023

🔔 Create Fuji Electric Vulnerability Alert

What is CVE-2022-3085?

The Fuji Electric Tellus Lite V-Simulator, specifically versions 4.0.12.0 and earlier, is susceptible to a stack-based buffer overflow. This vulnerability presents an opportunity for attackers to execute arbitrary code by exploiting the overflow condition, potentially compromising the integrity and availability of the software and associated systems.

Affected Version(s)

Tellus Lite V-Simulator 0

References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-354-01

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 19, 2023
Vulnerability Reserved
Sep 1, 2022

Credit

Kimiya

Trend Micro Zero Day Initiative

JSON