Your one-stop web resource providing safety and security information to manufacturers

Fuji Electric created a patch to mitigate an improper restriction of operations within the bounds of a memory buffer vulnerability in its V-Server product, according to a report with ICS-CERT.

V-Server Version and prior, a data collection and management service, suffer from the remotely exploitable vulnerability, discovered by Ariele Caltabiano working with Trend Micro’s Zero Day Initiative.

ABB Clears WiFi Logger Card Hole
Fix is in for PI Coresight
OSIsoft Fixes PI ProcessBook, PI ActiveView
Schweitzer Clears Hole in Gateways

Successful exploitation of this memory corruption vulnerability could allow an attacker to remotely execute arbitrary code.

No known public exploits specifically target this vulnerability. However, a high skill level is needed to exploit.

Cyber Security

A memory corruption vulnerability has been identified, which may allow remote code execution.

CVE-2017-9639 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.3.

The product sees use mainly in the critical manufacturing sector. It sees action on a global basis.

Click here for the patch Fuji Electric created.

Pin It on Pinterest

Share This