CVE-2024-38389

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 28, 2024
Updated: Nov 29, 2024
CWE ID 125

Summary

CVE-2024-38389 is a newly disclosed vulnerability affecting TELLUS (version 4.0.19.0 and earlier) and TELLUS Lite (version 4.0.19.0 and earlier). This issue involves an Out-of-bounds read vulnerability, meaning that memory beyond the allocated bounds can be accessed. A user could potentially trigger this vulnerability by opening a specially crafted file. The consequences of this vulnerability could range from information disclosure to arbitrary code execution. It is crucial that users update their TELLUS and TELLUS Lite software to avoid exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Tellus Lite

Affected Vendors

  • Fuji Electric Co Ltd