cvelistv5 - cve-2022-3087

Source	URL	Tags
ics-cert@hq.dhs.gov	https://www.cisa.gov/uscert/ics/advisories/icsa-22-354-01	Third Party Advisory, US Government Resource

Vendor	Product
Fuji Electric	Tellus Lite V-Simulator

var-202212-1811

Vulnerability from variot

Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to an out-of-bounds write which may allow an attacker to execute arbitrary code. (DoS) It may be in a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of X1 files in the V-Simulator 6 application. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202212-1811",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "tellus lite",
        "scope": null,
        "trust": 2.8,
        "vendor": "fuji electric",
        "version": null
      },
      {
        "model": "tellus lite v-simulator",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "fujielectric",
        "version": "4.0.12.0"
      },
      {
        "model": "tellus lite v-simulator",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "\u5bcc\u58eb\u96fb\u6a5f",
        "version": "4.0.12.0  and earlier"
      },
      {
        "model": "tellus lite v-simulator",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u5bcc\u58eb\u96fb\u6a5f",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-23-823"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-822"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-820"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-819"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005595"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-3087"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:fujielectric:tellus_lite_v-simulator:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.0.12.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-3087"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "kimiya",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-23-823"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-822"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-820"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-819"
      }
    ],
    "trust": 2.8
  },
  "cve": "CVE-2022-3087",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "ZDI",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2022-3087",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.8,
            "userInteraction": "REQUIRED",
            "vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "OTHER",
            "availabilityImpact": "High",
            "baseScore": 7.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2022-005595",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2022-3087",
            "trust": 2.8,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2022-3087",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "ics-cert@hq.dhs.gov",
            "id": "CVE-2022-3087",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "OTHER",
            "id": "JVNDB-2022-005595",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202212-3660",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-23-823"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-822"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-820"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-819"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005595"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-3087"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-3087"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3660"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "\nFuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to an out-of-bounds write which may allow an attacker to execute arbitrary code. (DoS) It may be in a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of X1 files in the V-Simulator 6 application. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-3087"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005595"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-823"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-822"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-820"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-819"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-3087"
      }
    ],
    "trust": 4.23
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-3087",
        "trust": 6.1
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-354-01",
        "trust": 2.5
      },
      {
        "db": "JVN",
        "id": "JVNVU90957471",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005595",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-16781",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-823",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-16779",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-822",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-16602",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-820",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-16600",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-819",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.6634",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3660",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-3087",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-23-823"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-822"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-820"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-819"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-3087"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005595"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-3087"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3660"
      }
    ]
  },
  "id": "VAR-202212-1811",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 1.0
  },
  "last_update_date": "2023-12-18T11:55:11.903000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Fuji Electric has issued an update to correct this vulnerability.",
        "trust": 2.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-354-01"
      },
      {
        "title": "Top\u00a0Page",
        "trust": 0.8,
        "url": "https://www.fujielectric.co.jp/"
      },
      {
        "title": "Fuji Electric Tellus Lite V-Simulator Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=218427"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2022-3087 "
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-23-823"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-822"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-820"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-819"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-3087"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005595"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3660"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-787",
        "trust": 1.0
      },
      {
        "problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005595"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-3087"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.6,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-354-01"
      },
      {
        "trust": 1.7,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-354-01"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu90957471/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3087"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-354-01"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-3087/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.6634"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/787.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2022-3087"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-23-823"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-822"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-820"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-819"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-3087"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005595"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-3087"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3660"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "ZDI",
        "id": "ZDI-23-823"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-822"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-820"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-819"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-3087"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005595"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-3087"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3660"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-06-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-23-823"
      },
      {
        "date": "2023-06-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-23-822"
      },
      {
        "date": "2023-06-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-23-820"
      },
      {
        "date": "2023-06-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-23-819"
      },
      {
        "date": "2023-01-17T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-3087"
      },
      {
        "date": "2023-06-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-005595"
      },
      {
        "date": "2023-01-17T00:15:10.413000",
        "db": "NVD",
        "id": "CVE-2022-3087"
      },
      {
        "date": "2022-12-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202212-3660"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-06-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-23-823"
      },
      {
        "date": "2023-06-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-23-822"
      },
      {
        "date": "2023-06-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-23-820"
      },
      {
        "date": "2023-06-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-23-819"
      },
      {
        "date": "2023-01-17T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-3087"
      },
      {
        "date": "2023-06-06T08:56:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-005595"
      },
      {
        "date": "2023-11-07T03:50:46.330000",
        "db": "NVD",
        "id": "CVE-2022-3087"
      },
      {
        "date": "2023-01-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202212-3660"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3660"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Fuji Electric Tellus Lite V-Simulator 6 X1 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-23-823"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-822"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-820"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-819"
      }
    ],
    "trust": 2.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3660"
      }
    ],
    "trust": 0.6
  }
}

ghsa-h6qp-2x7h-7x2g

Vulnerability from github

Published

2023-01-17 00:30

Modified

2023-01-24 21:30

Severity

7.8 (High) - CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to an out-of-bounds write which may allow an attacker to execute arbitrary code.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-3087"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-01-17T00:15:00Z",
    "severity": "HIGH"
  },
  "details": "Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to an out-of-bounds write which may allow an attacker to execute arbitrary code.",
  "id": "GHSA-h6qp-2x7h-7x2g",
  "modified": "2023-01-24T21:30:30Z",
  "published": "2023-01-17T00:30:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3087"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-354-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

icsa-22-354-01

Vulnerability from csaf_cisa

Published

2022-12-20 00:00

Modified

2022-12-20 00:00

Summary

Fuji Electric Tellus Lite V-Simulator

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code.

Critical infrastructure sectors

Critical Manufacturing

Countries/areas deployed

Worldwide

Company headquarters location

Japan

Recommended Practices

CISA recommends users take the following measures to protect themselves from social engineering attacks:

Recommended Practices

CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Exploitability

No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Kimiya"
        ],
        "organization": "Trend Micros Zero Day Initiative",
        "summary": "reporting these vulnerabilities to CISA"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": " Critical Manufacturing",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": " Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": " Japan",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take the following measures to protect themselves from social engineering attacks:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-22-354-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-354-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-22-354-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-354-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      }
    ],
    "title": "Fuji Electric Tellus Lite V-Simulator",
    "tracking": {
      "current_release_date": "2022-12-20T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-22-354-01",
      "initial_release_date": "2022-12-20T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2022-12-20T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "Publication Date"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 4.0.12.0",
                "product": {
                  "name": "Tellus Lite V-Simulator: Versions 4.0.12.0 and prior",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Tellus Lite V-Simulator"
          }
        ],
        "category": "vendor",
        "name": "Fuji Electric"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-3087",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to an out-of-bounds write which may allow an attacker to execute arbitrary code.CVE-2022-3087 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3087"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Fuji Electric recommends users update Tellus Lite V-Simulator to version 4.0.15.0.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://felib.fujielectric.co.jp/download/pod_document.htm?site=global\u0026lang=en"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2022-3085",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to a stack-based buffer overflow which may allow an attacker to execute arbitrary code.CVE-2022-3085 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3085"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Fuji Electric recommends users update Tellus Lite V-Simulator to version 4.0.15.0.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://felib.fujielectric.co.jp/download/pod_document.htm?site=global\u0026lang=en"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

gsd-2022-3087

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to an out-of-bounds write which may allow an attacker to execute arbitrary code.

Aliases

CVE-2022-3087

Aliases

CVE-2022-3087

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-3087",
    "id": "GSD-2022-3087"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-3087"
      ],
      "details": "Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to an out-of-bounds write which may allow an attacker to execute arbitrary code.",
      "id": "GSD-2022-3087",
      "modified": "2023-12-13T01:19:39.812864Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2022-3087",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Tellus Lite V-Simulator",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Fuji Electric"
            }
          ]
        }
      },
      "credits": [
        {
          "lang": "en",
          "value": "Kimiya"
        },
        {
          "lang": "en",
          "value": "Trend Micro Zero Day Initiative"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to an out-of-bounds write which may allow an attacker to execute arbitrary code."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-787",
                "lang": "eng",
                "value": "CWE-787 Out-of-bounds Write"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-354-01",
            "refsource": "MISC",
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-354-01"
          }
        ]
      },
      "solution": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eFuji Electric recommends users update Tellus Lite V-Simulator to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://felib.fujielectric.co.jp/download/pod_document.htm?site=global\u0026amp;lang=en\"\u003eversion 4.0.15.0\u003c/a\u003e. \u003c/p\u003e\u003cbr\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "\nFuji Electric recommends users update Tellus Lite V-Simulator to  version 4.0.15.0 https://felib.fujielectric.co.jp/download/pod_document.htm . \n\n\n\n\n\n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:fujielectric:tellus_lite_v-simulator:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.0.12.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2022-3087"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to an out-of-bounds write which may allow an attacker to execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-354-01",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-354-01"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-01-24T19:42Z",
      "publishedDate": "2023-01-17T00:15Z"
    }
  }
}

Action not permitted

cve-2022-3087

Vulnerability from cvelistv5

var-202212-1811

Vulnerability from variot

ghsa-h6qp-2x7h-7x2g

Vulnerability from github

icsa-22-354-01

Vulnerability from csaf_cisa

gsd-2022-3087

Vulnerability from gsd

Tags