CVE-2017-9639
published 2017-07-17CVE-2017-9639: An issue was discovered in Fuji Electric V-Server Version 3.3.22.0 and prior. A memory corruption vulnerability has been identified (aka improper restriction…
PriorityP343high7.3CVSS 3.0
AVNACLPRNUINSUCLILAL
EPSS
2.04%
78.7th percentile
An issue was discovered in Fuji Electric V-Server Version 3.3.22.0 and prior. A memory corruption vulnerability has been identified (aka improper restriction of operations within the bounds of a memory buffer), which may allow remote code execution.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fujielectric | v-server | <= 3.3.22.0 | — |
CVSS provenance
nvdv3.07.3HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-qfr2-9r3j-65p8: An issue was discovered in Fuji Electric V-Server Version 3
ghsa_unreviewed·2022-05-13
CVE-2017-9639 [HIGH] CWE-119 GHSA-qfr2-9r3j-65p8: An issue was discovered in Fuji Electric V-Server Version 3
An issue was discovered in Fuji Electric V-Server Version 3.3.22.0 and prior. A memory corruption vulnerability has been identified (aka improper restriction of operations within the bounds of a memory buffer), which may allow remote code execution.
CISA ICS
Fuji Electric V-Server
cisa_ics·2017-07-11
Fuji Electric V-Server
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Fuji Electric V-Server
Last RevisedJuly 11, 2017
Alert CodeICSA-17-192-02
## CVSS v3 7.3
ATTENTION: Remotely exploitable
Vendor: Fuji Electric
Equipment: V-Server
Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer
## AFFECTED PRODUCTS
The following versions of V-Server, a data collection and management service, are affected:
- V-Server Version 3.3.22.0 and prior.
## IMPACT
Successful exploitation of this memory corruption vulnerability could allow an attacker to remotely execute arbitrary code.
## MITIGATION
Fuji Electric has produce
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2017-07-17
Published