Sploit.io - Search

CVE-2022-43448

Severity: HIGH

Description: Out-of-bounds write vulnerability in V-SFT v6.1.7.0 and earlier and TELLUS v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted image file.

Affected Products:

• FUJI ELECTRIC CO., LTD. and Hakko Electronics Co., Ltd. V-SFT and TELLUS - Versions: V-SFT v6.1.7.0 and earlier, and TELLUS v4.0.12.0 and earlier

References:

• https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/index.php
• https://jvn.jp/en/vu/JVNVU90679513/index.html

CVE-2022-46360

Severity: HIGH

Description: Out-of-bounds read vulnerability in V-SFT v6.1.7.0 and earlier and TELLUS v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted image file.

Affected Products:

• FUJI ELECTRIC CO., LTD. and Hakko Electronics Co., Ltd. V-SFT and TELLUS - Versions: V-SFT v6.1.7.0 and earlier, and TELLUS v4.0.12.0 and earlier

References:

• https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/index.php
• https://jvn.jp/en/vu/JVNVU90679513/index.html