CVE-2023-39341
Severity Score
3.3
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
"FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition.
Affected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2, Zerona / Zerona PLUS versions 3.2.32 to 3.2.36, ActSecure χ versions 3.4.0 to 3.4.6 and 3.5.0, Dual Safe Powered by FFRI yarai version 1.4.1, EDR Plus Pack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0), and EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0).
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-07-28 CVE Reserved
- 2023-08-09 CVE Published
- 2024-10-17 CVE Updated
- 2024-11-13 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-755: Improper Handling of Exceptional Conditions
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| https://jvn.jp/en/jp/JVN42527152 | Third Party Advisory | |
| https://www.skyseaclientview.net/news/230807_01 | Third Party Advisory | |
| https://www.soliton.co.jp/support/zerona_notice_2023.html | Third Party Advisory | |
| https://www.sourcenext.com/support/i/2023/230718_01 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.ffri.jp/security-info/index.htm | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ffri Search vendor "Ffri" | Dual Safe Search vendor "Ffri" for product "Dual Safe" | 1.4.1 Search vendor "Ffri" for product "Dual Safe" and version "1.4.1" | - |
Affected
| ||||||
| Ffri Search vendor "Ffri" | Ffri Yarai Search vendor "Ffri" for product "Ffri Yarai" | >= 3.4.0 <= 3.4.6 Search vendor "Ffri" for product "Ffri Yarai" and version " >= 3.4.0 <= 3.4.6" | - |
Affected
| ||||||
| Ffri Search vendor "Ffri" | Ffri Yarai Search vendor "Ffri" for product "Ffri Yarai" | 1.4.0 Search vendor "Ffri" for product "Ffri Yarai" and version "1.4.0" | home_and_business |
Affected
| ||||||
| Ffri Search vendor "Ffri" | Ffri Yarai Search vendor "Ffri" for product "Ffri Yarai" | 3.5.0 Search vendor "Ffri" for product "Ffri Yarai" and version "3.5.0" | - |
Affected
| ||||||
| Soliton Search vendor "Soliton" | Infotrace Mark Ii Malware Protection Search vendor "Soliton" for product "Infotrace Mark Ii Malware Protection" | >= 3.0.1 <= 3.2.2 Search vendor "Soliton" for product "Infotrace Mark Ii Malware Protection" and version " >= 3.0.1 <= 3.2.2" | - |
Affected
| ||||||
| Soliton Search vendor "Soliton" | Zerona Search vendor "Soliton" for product "Zerona" | >= 3.2.32 <= 3.2.36 Search vendor "Soliton" for product "Zerona" and version " >= 3.2.32 <= 3.2.36" | - |
Affected
| ||||||
| Soliton Search vendor "Soliton" | Zerona Plus Search vendor "Soliton" for product "Zerona Plus" | >= 3.2.32 <= 3.2.36 Search vendor "Soliton" for product "Zerona Plus" and version " >= 3.2.32 <= 3.2.36" | - |
Affected
| ||||||
| Nec Search vendor "Nec" | Actsecure X Managed Security Service Search vendor "Nec" for product "Actsecure X Managed Security Service" | >= 3.4.0 <= 3.4.6 Search vendor "Nec" for product "Actsecure X Managed Security Service" and version " >= 3.4.0 <= 3.4.6" | - |
Affected
| ||||||
| Nec Search vendor "Nec" | Actsecure X Managed Security Service Search vendor "Nec" for product "Actsecure X Managed Security Service" | 3.5.0 Search vendor "Nec" for product "Actsecure X Managed Security Service" and version "3.5.0" | - |
Affected
| ||||||
| Skygroup Search vendor "Skygroup" | Edr Plus Pack Search vendor "Skygroup" for product "Edr Plus Pack" | >= 3.4.0 <= 3.4.6 Search vendor "Skygroup" for product "Edr Plus Pack" and version " >= 3.4.0 <= 3.4.6" | - |
Affected
| ||||||
| Skygroup Search vendor "Skygroup" | Edr Plus Pack Search vendor "Skygroup" for product "Edr Plus Pack" | 3.5.0 Search vendor "Skygroup" for product "Edr Plus Pack" and version "3.5.0" | - |
Affected
| ||||||
| Skygroup Search vendor "Skygroup" | Edr Plus Pack Cloud Search vendor "Skygroup" for product "Edr Plus Pack Cloud" | >= 3.4.0 <= 3.4.6 Search vendor "Skygroup" for product "Edr Plus Pack Cloud" and version " >= 3.4.0 <= 3.4.6" | - |
Affected
| ||||||
| Skygroup Search vendor "Skygroup" | Edr Plus Pack Cloud Search vendor "Skygroup" for product "Edr Plus Pack Cloud" | 3.5.0 Search vendor "Skygroup" for product "Edr Plus Pack Cloud" and version "3.5.0" | - |
Affected
| ||||||