You are here

Fuji Electric V-Server (ICSA-18-254-01)

Fuji Electric V-Server (ICSA-18-254-01)

Created: Tuesday, September 11, 2018 - 17:26
Categories:
Cybersecurity

The NCCIC has released an advisory on use-after free, untrusted pointer dereference, heap-based buffer overflow, out-of-bounds write, integer underflow, out-of-bounds read, and stack-based buffer overflow vulnerabilities in Fuji Electric V-Server. V-Server VPR 4.0.3.0 and prior are affected. Successful exploitation of these vulnerabilities could allow for remote code execution on the device, causing a denial of service condition or information exposure. Fuji Electric has released Version 4.0.4.0 of the software. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.