Successful exploitation of this vulnerability could crash the device being accessed. Several heap-based buffer overflows have been identified. A data collection and management service, V-Server 4.0.6 and prior suffer from the issue, discovered by kimiya of 9SG, working with Trend Micro’s Zero Day Initiative.
In the vulnerability, several heap-based buffer overflows have been identified, which may allow an attacker to remotely execute arbitrary code.
The product sees use mainly in the critical manufacturing sector, and on a global basis.
No known public exploits specifically target this vulnerability. However, an attacker with low skill level could leverage the vulnerability.
Japan-based Fuji Electric released Version 126.96.36.199 to mitigate the vulnerability.