CVE-2023-47580

Summary

Multiple improper restriction of operations within the bounds of a memory buffer issues exist in TELLUS V4.0.17.0 and earlier and TELLUS Lite V4.0.17.0 and earlier. If a user opens a specially crafted file (X1, V8, or V9 file), information may be disclosed and/or arbitrary code may be executed.

Affected Software

VendorProductVersion RangeStatus
FUJI ELECTRIC CO., LTD. and Hakko Electronics Co., Ltd.TELLUSV4.0.17.0 and earlieraffected
FUJI ELECTRIC CO., LTD. and Hakko Electronics Co., Ltd.TELLUS LiteV4.0.17.0 and earlieraffected

Weaknesses

  • Improper restriction of operations within the bounds of a memory buffer

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References