Lucene search

[email protected]CVE-2024-34171

HistoryMay 30, 2024 - 8:15 p.m.

CVE-2024-34171

2024-05-3020:15:09

CWE-121

[email protected]

web.nvd.nist.gov

cve-2024-34171

nvd

arbitrary code execution

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.5 High

CVSS4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

PASSIVE

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N

0.001 Low

EPSS

Percentile

29.0%

JSON

Fuji Electric Monitouch V-SFT
is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary code.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Monitouch V-SFT",
    "vendor": "Fuji Electric",
    "versions": [
      {
        "lessThan": "6.2.3.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.cisa.gov/news-events/ics-advisories/icsa-24-151-02

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.5 High

CVSS4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

PASSIVE

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N

0.001 Low

EPSS

Percentile

29.0%

JSON

Related for CVE-2024-34171

zdi5 nvd1 cvelist1 ics1