Out-of-Bounds Write Vulnerability in V-Server by Fuji Electric
CVE-2022-47317

7.8HIGH

Key Information:

Vendor: Fuji Electric Co., Ltd. And Hakko Electronics Co., Ltd.
Status: V-server
Vendor: CVE Published:; 3 January 2023

🔔 Create Fuji Electric Co., Ltd. And Hakko Electronics Co., Ltd. Vulnerability Alert

What is CVE-2022-47317?

An out-of-bounds write vulnerability exists in V-Server versions 4.0.12.0 and earlier, which allows a local attacker to exploit this flaw. By persuading a user to open a specially crafted project file, an attacker can gain unauthorized access to information or execute arbitrary code. This vulnerability poses significant security concerns, especially in environments where V-Server operates.

Affected Version(s)

V-Server v4.0.12.0 and earlier

References

https://monitouch.fujielectric.com/site/download-e/03tell...

https://jvn.jp/en/vu/JVNVU92811888/index.html

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 3, 2023
Vulnerability Reserved
Dec 26, 2022