CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5597 – Fuji Electric Monitouch V-SFT Type Confusion
https://notcve.org/view.php?id=CVE-2024-5597
Fuji Electric Monitouch V-SFT is vulnerable to a type confusion, which could cause a crash or code execution. Fuji Electric Monitouch V-SFT es vulnerable a una confusión de tipos, lo que podría provocar un bloqueo o la ejecución del código. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V9 files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-02 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-46360
https://notcve.org/view.php?id=CVE-2022-46360
Out-of-bounds read vulnerability in V-SFT v6.1.7.0 and earlier and TELLUS v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted image file. • https://jvn.jp/en/vu/JVNVU90679513/index.html https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/index.php • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-43448
https://notcve.org/view.php?id=CVE-2022-43448
Out-of-bounds write vulnerability in V-SFT v6.1.7.0 and earlier and TELLUS v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted image file. • https://jvn.jp/en/vu/JVNVU90679513/index.html https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/index.php • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30546
https://notcve.org/view.php?id=CVE-2022-30546
Out-of-bounds read vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. Se presenta una vulnerabilidad de lectura fuera de límites en el módulo simulador contenido en el editor gráfico "V-SFT" versiones anteriores a v6.1.6.0, que puede permitir a un atacante obtener información y/o ejecutar código arbitrario haciendo que un usuario abra un archivo de imagen especialmente diseñado • https://jvn.jp/en/vu/JVNVU99188133/index.html https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30538
https://notcve.org/view.php?id=CVE-2022-30538
Out-of-bounds write vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. Se presenta una vulnerabilidad de escritura fuera de límites en el módulo simulador contenido en el editor gráfico "V-SFT" versiones anteriores a v6.1.6.0, que puede permitir a un atacante obtener información y/o ejecutar código arbitrario haciendo que un usuario abra un archivo de imagen especialmente diseñado • https://jvn.jp/en/vu/JVNVU99188133/index.html https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php • CWE-787: Out-of-bounds Write •