Buffer Overflow Vulnerability in V-Server by Fuji Electric
CVE-2022-47908

7.8HIGH

Key Information:

Vendor: Fuji Electric Co., Ltd. And Hakko Electronics Co., Ltd.
Status: V-server
Vendor: CVE Published:; 3 January 2023

🔔 Create Fuji Electric Co., Ltd. And Hakko Electronics Co., Ltd. Vulnerability Alert

What is CVE-2022-47908?

A stack-based buffer overflow vulnerability exists in V-Server versions up to 4.0.12.0. This flaw enables a local attacker to potentially execute arbitrary code or access sensitive information by luring a user into opening a specially crafted project file. Exploiting this vulnerability requires local access, highlighting the need for proper security measures and user education.

Affected Version(s)

V-Server v4.0.12.0 and earlier

References

https://monitouch.fujielectric.com/site/download-e/03tell...

https://jvn.jp/en/vu/JVNVU92811888/index.html

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 3, 2023
Vulnerability Reserved
Dec 26, 2022