Out-of-Bounds Read Vulnerability in V-Server by Fujielectric
CVE-2022-41645

7.8HIGH

Key Information:

Vendor: Fuji Electric Co., Ltd. And Hakko Electronics Co., Ltd.
Status: V-server
Vendor: CVE Published:; 3 January 2023

🔔 Create Fuji Electric Co., Ltd. And Hakko Electronics Co., Ltd. Vulnerability Alert

What is CVE-2022-41645?

An out-of-bounds read vulnerability exists in V-Server versions v4.0.12.0 and earlier, which could potentially allow a local attacker to gain unauthorized access to sensitive information or execute arbitrary code. This exploitation requires a specially crafted project file to be opened by the user, highlighting the importance of software updates and user awareness in mitigating such vulnerabilities.

Affected Version(s)

V-Server v4.0.12.0 and earlier

References

https://monitouch.fujielectric.com/site/download-e/03tell...

https://jvn.jp/en/vu/JVNVU92811888/index.html

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 3, 2023
Vulnerability Reserved
Dec 26, 2022

JSON