Memory Access Vulnerability in TELLUS Products by Fujielectric
CVE-2023-32270

7.8HIGH

Key Information:

Vendor: Fuji Electric Co., Ltd. And Hakko Electronics Co., Ltd.
Status: Tellus And Tellus Lite
Vendor: CVE Published:; 19 June 2023

🔔 Create Fuji Electric Co., Ltd. And Hakko Electronics Co., Ltd. Vulnerability Alert

What is CVE-2023-32270?

A memory access vulnerability exists in TELLUS version 4.0.15.0 and TELLUS Lite version 4.0.15.0. This issue can be exploited when a specially crafted V8 file is opened, potentially allowing attackers to disclose sensitive information or execute arbitrary code. Users of affected versions should take immediate precautions to mitigate risks associated with this vulnerability.

Affected Version(s)

TELLUS and TELLUS Lite v4.0.15.0 and earlier

References

https://monitouch.fujielectric.com/site/download-e/03tell...

https://jvn.jp/en/vu/JVNVU98818508/

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 19, 2023
Vulnerability Reserved
May 11, 2023