CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-21168 – ICSA-22-090-03 Fuji Electric Alpha5
https://notcve.org/view.php?id=CVE-2022-21168
The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure. El producto afectado es vulnerable debido a una inicialización de puntero no válida, que puede conllevar a una divulgación de información This vulnerability allows remote attackers to disclose sensitive information on affected installations of Fuji Electric Alpha5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of C5V files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-03 • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-21228 – ICSA-22-090-03 Fuji Electric Alpha5
https://notcve.org/view.php?id=CVE-2022-21228
The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code. El producto afectado es vulnerable a un desbordamiento del búfer en la región stack de la memoria, que puede permitir a un atacante ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Alpha5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of C5P files in the Server Operator module. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-03 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-21214 – ICSA-22-090-03 Fuji Electric Alpha5
https://notcve.org/view.php?id=CVE-2022-21214
The affected product is vulnerable to a heap-based buffer overflow, which may lead to code execution. El producto afectado es vulnerable a un desbordamiento de búfer en la región heap de la memoria, que puede conllevar a una ejecución de código This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Alpha5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of C5P files in the Server Operator module. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-03 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-24383 – ICSA-22-090-03 Fuji Electric Alpha5
https://notcve.org/view.php?id=CVE-2022-24383
The affected product is vulnerable to an out-of-bounds read, which may result in code execution El producto afectado es vulnerable a una lectura fuera de límites, que puede resultar en la ejecución de código This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Alpha5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of C5P files in the Server Operator module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-03 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-21202 – ICSA-22-090-03 Fuji Electric Alpha5
https://notcve.org/view.php?id=CVE-2022-21202
The affected product is vulnerable to an out-of-bounds read, which may result in disclosure of sensitive information. El producto afectado es vulnerable a una lectura fuera de límites, que puede resultar en una divulgación de información confidencial This vulnerability allows remote attackers to disclose sensitive information on affected installations of Fuji Electric Alpha5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of A5V files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-03 • CWE-125: Out-of-bounds Read •