CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32273
https://notcve.org/view.php?id=CVE-2023-32273
Stack-based buffer overflow vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM2 file may lead to information disclosure and/or arbitrary code execution. This vulnerability is different from CVE-2023-32538 and CVE-2023-32201. • https://jvn.jp/en/vu/JVNVU98818508 https://monitouch.fujielectric.com/site/download-e/03tellus_inf/index.php • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32538
https://notcve.org/view.php?id=CVE-2023-32538
Stack-based buffer overflow vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM2 file may lead to information disclosure and/or arbitrary code execution. This vulnerability is different from CVE-2023-32273 and CVE-2023-32201. • https://jvn.jp/en/vu/JVNVU98818508 https://monitouch.fujielectric.com/site/download-e/03tellus_inf/index.php • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32288
https://notcve.org/view.php?id=CVE-2023-32288
Out-of-bounds read vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM file may lead to information disclosure and/or arbitrary code execution. • https://jvn.jp/en/vu/JVNVU98818508 https://monitouch.fujielectric.com/site/download-e/03tellus_inf/index.php • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32542
https://notcve.org/view.php?id=CVE-2023-32542
Out-of-bounds read vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution. • https://jvn.jp/en/vu/JVNVU98818508 https://monitouch.fujielectric.com/site/download-e/03tellus_inf/index.php • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3085 – Fuji Electric Tellus Lite V-Simulator 6 X1 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-3085
Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to a stack-based buffer overflow which may allow an attacker to execute arbitrary code. Fuji Electric Tellus Lite V-Simulator versiones 4.0.12.0 y anteriores son vulnerables a un desbordamiento de búfer en la región stack de la memoria que puede permitir a un atacante ejecutar código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of X1 files in the V-Simulator 6 application. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-354-01 • CWE-121: Stack-based Buffer Overflow •