Fuji Electric has a new version available to handle an out of bounds read vulnerability in its FRENIC Loader, according to a report with NCCIC.
Successful exploitation of this vulnerability, discovered by kimiya of 9SG Security Team working with the Trend Micro’s Zero Day Initiative, could allow information disclosure. An AC drive, FRENIC Loader 188.8.131.52 and prior suffer from the vulnerability.
In the issue, the affected product is susceptible to an out-of-bounds read vulnerability, which may allow an attacker to read limited information from the device.
CVE-2019-13512 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 4.4.
The product sees use mainly in the commercial facilities sector. It also sees action on a global basis.
No known public exploits specifically target this vulnerability. This vulnerability is not exploitable remotely. However, an attacker with low skill level could leverage the vulnerability.
Japan-based Fuji Electric released a new version of FRENIC Loader that addresses the vulnerability.