Out-of-Bounds Read Vulnerability in TELLUS by Fuji Electric
CVE-2023-32542

7.8HIGH

Key Information:

Vendor: Fuji Electric Co., Ltd.
Status: Tellus And Tellus Lite
Vendor: CVE Published:; 19 June 2023

🔔 Create Fuji Electric Co., Ltd. Vulnerability Alert

What is CVE-2023-32542?

An out-of-bounds read vulnerability has been identified in TELLUS versions 4.0.15.0 and TELLUS Lite 4.0.15.0. An attacker can craft a malicious V8 file that, when opened, may lead to sensitive information disclosure and potentially allow arbitrary code execution. This poses significant risks if exploited. Users are advised to review the security updates and take appropriate measures to protect their systems.

Affected Version(s)

TELLUS and TELLUS Lite v4.0.15.0 and earlier

References

https://monitouch.fujielectric.com/site/download-e/03tell...

https://jvn.jp/en/vu/JVNVU98818508/

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 19, 2023
Vulnerability Reserved
May 11, 2023

JSON