CVE-2024-11799

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 28, 2024
Updated: Dec 3, 2024
CWE ID 121
CWE ID 787

Summary

CVE-2024-11799 is a stack-based buffer overflow vulnerability affecting Fuji Electric's Tellus Lite V-Simulator 5 V8 file parser. This issue allows remote code execution on vulnerable installations, requiring user interaction through a malicious page or file. The flaw arises from insufficient validation of user-supplied data length prior to copying it to a fixed-length buffer in the V-Simulator 5 component. Successful exploitation enables an attacker to execute arbitrary code in the context of the affected process. (ZDI-CAN-24664)

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share