CVE-2024-11800

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 28, 2024
Updated: Dec 3, 2024
CWE ID 121
CWE ID 787

Summary

CVE-2024-11800 is a newly disclosed remote code execution vulnerability affecting Fuji Electric Tellus Lite V-Simulator 5 V8. The flaw is due to insufficient validation of user-supplied data during V8 file parsing, leading to a stack-based buffer overflow. An attacker can exploit this vulnerability by crafting a malicious file or luring the target to visit a malicious page, resulting in arbitrary code execution in the context of the affected system. This issue was identified as ZDI-CAN-24768.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share