CVE-2024-11802
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Nov 28, 2024
Updated: Dec 3, 2024
CWE ID 787
CWE ID 121
Summary
CVE-2024-11802 is a stack-based buffer overflow vulnerability affecting Fuji Electric's Tellus Lite V-Simulator 5 component. This issue permits remote code execution, requiring user interaction through visiting a malicious page or opening a maliciously crafted file. The root cause of the flaw lies in insufficient validation of user-supplied data prior to copying it to a fixed-length buffer in the process of parsing V8 files. Exploitation leads to arbitrary code execution in the affected system. (ZDI-CAN-24770)
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Tellus Lite V-Simulator