CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34171 – Fuji Electric Monitouch V-SFT Stack-Based Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-34171
Fuji Electric Monitouch V-SFT is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary code. Fuji Electric Monitouch V-SFT es vulnerable a un desbordamiento del búfer basado en pila, lo que podría permitir a un atacante ejecutar código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V9C files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-02 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5271 – Fuji Electric Monitouch V-SFT Out-of-Bounds Write
https://notcve.org/view.php?id=CVE-2024-5271
Fuji Electric Monitouch V-SFT is vulnerable to an out-of-bounds write because of a type confusion, which could result in arbitrary code execution. Fuji Electric Monitouch V-SFT es vulnerable a una escritura fuera de los límites debido a una confusión de tipos, lo que podría resultar en la ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V9C files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-02 • CWE-787: Out-of-bounds Write •