Alpha5 Smart Loader Firmware Security Vulnerabilities
Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. A buffer overflow information disclosure vulnerability occurs when parsing certain file types.
5.3CVSS
5.3AI Score
0.001EPSS
Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. The device does not perform a check on the length/size of a project file before copying the entire contents of the file to a heap-based buffer.
9.8CVSS
9AI Score
0.002EPSS
Multiple buffer overflow issues have been identified in Alpha5 Smart Loader: All versions prior to 4.2. An attacker could use specially crafted project files to overflow the buffer and execute code under the privileges of the application.
7.8CVSS
7.9AI Score
0.009EPSS
The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure.
5.5CVSS
5.1AI Score
0.001EPSS
The affected product is vulnerable to an out-of-bounds read, which may result in disclosure of sensitive information.
5.5CVSS
5.3AI Score
0.001EPSS
The affected product is vulnerable to a heap-based buffer overflow, which may lead to code execution.
7.8CVSS
7.8AI Score
0.001EPSS
The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.
7.8CVSS
7.8AI Score
0.001EPSS
The affected product is vulnerable to an out-of-bounds read, which may result in code execution
7.8CVSS
7.7AI Score
0.001EPSS