Severity

High

Analysis Summary

CVE-2023-47583 CVSS:7.8

Fuji Electric Tellus Simulator could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2023-47582 CVSS:7.8

Fuji Electric Tellus and Tellus Lite could allow a remote attacker to execute arbitrary code on the system, caused by access to an uninitialized pointer. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2023-47581 CVSS:7.8

Fuji Electric Tellus and Tellus Lite could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2023-47580 CVSS:7.8

Fuji Electric Tellus and Tellus Lite are vulnerable to a buffer overflow, caused by improper bounds checking. By persuading a victim to open a specially crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system.

Impact

  • Buffer Overflow
  • Code Execution

Indicators Of Compromise

CVE

  • CVE-2023-47583
  • CVE-2023-47582
  • CVE-2023-47581
  • CVE-2023-47580

Affected Vendors

Fuji Electric

Affected Products

  • Fuji Electric Tellus Simulator 4.0.17.0
  • Fuji Electric TELLUS 4.0.17.0
  • Fuji Electric TELLUS 4.0.17.0 Lite

Remediation

Refer to Fuji Security Advisory for patch, upgrade or suggested workaround information.

Fuji Security Advisory