https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-02 <br/></td> CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"/>https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-02 <br/></td> CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"/>
Access of Resource Using Incompatible Type ('Type Confusion') (CWE-843)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V9 files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process.
This vulnerability could allow an attacker to execute arbitrary code on affected Fuji Electric Monitouch V-SFT systems, leading to complete system compromise. The attacker would need local access, but would not require any privileges on the system. The CVSS v3 base score is 9.8, indicating a critical severity. The impact on confidentiality, integrity, and availability is rated as HIGH, meaning the vulnerability could result in a total loss of protection, modification of all system files, or a complete shutdown of the affected resource.
One proof-of-concept exploit is available on zerodayinitiative.com. There is no evidence of proof of exploitation at the moment.
Fuji Electric has issued an update to correct this vulnerability. The patch addresses versions of Monitouch V-SFT prior to 6.2.3.0. More details can be found at: https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-02
1. Apply the software update provided by Fuji Electric as soon as possible to versions prior to 6.2.3.0. 2. Restrict local access to Monitouch V-SFT systems to trusted users only. 3. Implement the principle of least privilege for user accounts. 4. Educate users about the risks of visiting malicious pages or opening suspicious files. 5. Consider implementing application whitelisting to prevent unauthorized code execution. 6. Monitor system logs for any suspicious activities. 7. Keep all software and systems up-to-date with the latest security patches.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Feedly found the first article mentioning CVE-2024-5597. See article
Feedly estimated the CVSS score as HIGH
NVD published the first details for CVE-2024-5597
A CVSS base score of 7.8 has been assigned.
EPSS Score was set to: 0.07% (Percentile: 28.7%)
A CVSS base score of 9.8 has been assigned.
Detection for the vulnerability has been added to Qualys (380467)
A CVSS base score of 9.8 has been assigned.