CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5597 – Fuji Electric Monitouch V-SFT Type Confusion
https://notcve.org/view.php?id=CVE-2024-5597
Fuji Electric Monitouch V-SFT is vulnerable to a type confusion, which could cause a crash or code execution. Fuji Electric Monitouch V-SFT es vulnerable a una confusión de tipos, lo que podría provocar un bloqueo o la ejecución del código. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V9 files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-02 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30546
https://notcve.org/view.php?id=CVE-2022-30546
Out-of-bounds read vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. Se presenta una vulnerabilidad de lectura fuera de límites en el módulo simulador contenido en el editor gráfico "V-SFT" versiones anteriores a v6.1.6.0, que puede permitir a un atacante obtener información y/o ejecutar código arbitrario haciendo que un usuario abra un archivo de imagen especialmente diseñado • https://jvn.jp/en/vu/JVNVU99188133/index.html https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30538
https://notcve.org/view.php?id=CVE-2022-30538
Out-of-bounds write vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. Se presenta una vulnerabilidad de escritura fuera de límites en el módulo simulador contenido en el editor gráfico "V-SFT" versiones anteriores a v6.1.6.0, que puede permitir a un atacante obtener información y/o ejecutar código arbitrario haciendo que un usuario abra un archivo de imagen especialmente diseñado • https://jvn.jp/en/vu/JVNVU99188133/index.html https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9662 – Fuji Electric Monitouch V-SFT Insecure Configuration Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-9662
An Improper Privilege Management issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. Monitouch V-SFT is installed in a directory with weak access controls by default, which could allow an authenticated attacker with local access to escalate privileges. Se ha descubierto un problema de gestión incorrecta de privilegios en Fuji Electric Monitouch V-SFT en las versiones anteriores a la 5.4.43.0. Monitouch V-SFT se instala en un directorio con controles de acceso por defecto débiles, lo que podría permitir que un atacante autenticado con acceso local escale privilegios. This vulnerability allows local attackers to escalate their privileges on vulnerable installations of Fuji Electric Monitouch V-SFT. • http://www.securityfocus.com/bid/100268 http://www.zerodayinitiative.com/advisories/ZDI-17-646 https://ics-cert.us-cert.gov/advisories/ICSA-17-222-04 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 10%CPEs: 1EXPL: 0CVE-2017-9659 – Fuji Electric Monitouch V-SFT Project File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-9659
A Stack-Based Buffer Overflow issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. The stack-based buffer overflow vulnerability has been identified, which may cause a crash or allow remote code execution. Se ha descubierto un problema de desbordamiento de búfer basado en pila en Fuji Electric Monitouch V-SFT en las versiones anteriores a la 5.4.43.0. Se ha identificado una vulnerabilidad de desbordamiento de búfer basado en pila, lo que podría provocar un bloqueo o permitir la ejecución remota de código. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Fuji Electric Monitouch V-SFT. • http://www.securityfocus.com/bid/100265 http://www.zerodayinitiative.com/advisories/ZDI-17-643 http://www.zerodayinitiative.com/advisories/ZDI-17-644 https://ics-cert.us-cert.gov/advisories/ICSA-17-222-04 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •