Out-of-Bounds Read Vulnerability in V-Server and V-Server Lite
CVE-2023-47585

7.8HIGH

Key Information:

Vendor: Fuji Electric Co., Ltd. And Hakko Electronics Co., Ltd.
Status: V-server; V-server Lite
Vendor: CVE Published:; 15 November 2023

🔔 Create Fuji Electric Co., Ltd. And Hakko Electronics Co., Ltd. Vulnerability Alert

What is CVE-2023-47585?

An out-of-bounds read vulnerability exists in V-Server and V-Server Lite that can be triggered when a user opens a specially crafted VPR file. Exploiting this vulnerability may lead to the disclosure of sensitive information or the execution of arbitrary code, posing a significant risk to users of V-Server V4.0.18.0 and earlier and V-Server Lite V4.0.18.0 and earlier.

Affected Version(s)

V-Server V4.0.18.0 and earlier

V-Server Lite V4.0.18.0 and earlier

References

https://monitouch.fujielectric.com/site/download-e/03tell...

https://hakko-elec.co.jp/site/download/03tellus_inf/index...

https://jvn.jp/en/vu/JVNVU93840158/

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 15, 2023
Vulnerability Reserved
Nov 7, 2023