{ "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2024-34579", "ASSIGNER": "ics-cert@hq.dhs.gov", "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", "value": "Fuji Electric Alpha5 SMART \n\nis vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-121 Stack-Based Buffer Overflow", "cweId": "CWE-121" } ] } ] }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "Fuji Electric", "product": { "product_data": [ { "product_name": "Alpha5 SMART", "version": { "version_data": [ { "version_affected": "<=", "version_name": "0", "version_value": "4.5" } ] } } ] } } ] } }, "references": { "reference_data": [ { "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-016-05", "refsource": "MISC", "name": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-016-05" } ] }, "generator": { "engine": "Vulnogram 0.2.0" }, "source": { "advisory": "ICSA-25-016-05", "discovery": "EXTERNAL" }, "solution": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "

Fuji Electric has indicated that the vulnerabilities will not be fixed in Alpha5 SMART. Fuji Electric recommends users upgrade their systems to Alpha7.

For assistance, reach out directly to Fuji Electric's support team.

" } ], "value": "Fuji Electric has indicated that the vulnerabilities will not be fixed in Alpha5 SMART. Fuji Electric recommends users upgrade their systems to Alpha7 https://www.fujielectric.com/products/drives_inverters/servo/product_series/alpha7_overview.html .\n\nFor assistance, reach out directly to Fuji Electric's support team https://www.fujielectric.com/contact/ ." } ], "credits": [ { "lang": "en", "value": "An anonymous researcher working with Trend Micro's Zero Day Initiative reported this vulnerability to CISA" } ], "impact": { "cvss": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" } ] } }