Fuji Electric Monitouch V-SFT Vulnerable to Out-of-Bounds Write
CVE-2024-5271

8.5HIGH

Key Information:

Vendor: Fuji Electric
Status: Monitouch V-sft
Vendor: CVE Published:; 30 May 2024

🔔 Create Fuji Electric Vulnerability Alert

What is CVE-2024-5271?

The Fuji Electric Monitouch V-SFT is prone to an out-of-bounds write vulnerability stemming from type confusion. This flaw enables attackers to exploit the system, potentially leading to arbitrary code execution. Proper management of memory allocation and bounds checking is essential to mitigate the associated risks and enhance the security posture of users relying on this software. Users should promptly assess their installations and apply any necessary security patches or mitigations to safeguard their environments.

Affected Version(s)

Monitouch V-SFT 0 < 6.2.3.0

References

https://www.cisa.gov/news-events/ics-advisories/icsa-24-1...

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 30, 2024
Vulnerability Reserved
May 23, 2024

Credit

kimiya working with Trend Micro Zero Day Initiative, reported these vulnerabilities to CISA.

JSON