Lifted the Curse of TELLUS and V-SFT by Fixing Stack-Based Buffer Overflow Vulns
CVE-2024-38309

Currently unrated

Key Information:

Vendor: Fuji Electric Co., Ltd. And Hakko Electronics Co., Ltd.
Status: V-sft; Tellus; Tellus Lite
Vendor: CVE Published:; 28 November 2024

🔔 Create Fuji Electric Co., Ltd. And Hakko Electronics Co., Ltd. Vulnerability Alert

What is CVE-2024-38309?

There are multiple stack-based buffer overflow vulnerabilities in V-SFT (v6.2.2.0 and earlier), TELLUS (v4.0.19.0 and earlier), and TELLUS Lite (v4.0.19.0 and earlier). If a user opens a specially crafted file, information may be disclosed and/or arbitrary code may be executed.

Affected Version(s)

TELLUS v4.0.19.0 and earlier

TELLUS Lite v4.0.19.0 and earlier

V-SFT v6.2.2.0 and earlier

References

https://monitouch.fujielectric.com/site/download-e/03tell...

https://jvn.jp/en/vu/JVNVU97531313/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 28, 2024
Vulnerability Reserved
Jun 19, 2024