CVE-2023-32270

7.8 HIGH

📋 TL;DR

This vulnerability in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0 is a memory corruption issue where opening a specially crafted V8 file can cause the software to access memory beyond buffer boundaries. This could allow attackers to read sensitive information from memory or execute arbitrary code on affected systems. Organizations using these specific versions of TELLUS software for industrial control systems are at risk.

💻 Affected Systems

Products:
  • TELLUS
  • TELLUS Lite
Versions: v4.0.15.0
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Affects both TELLUS and TELLUS Lite, specifically version 4.0.15.0. Both are industrial control system software packages used for monitoring and control applications.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise with arbitrary code execution leading to industrial process disruption, data theft, or lateral movement within industrial networks.

🟠

Likely Case

Information disclosure from memory contents, potentially exposing sensitive industrial control data or credentials.

🟢

If Mitigated

Limited impact with proper network segmentation and file validation controls in place.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open a malicious V8 file. No public exploit code has been identified at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after v4.0.15.0

Vendor Advisory: https://monitouch.fujielectric.com/site/download-e/03tellus_inf/index.php

Restart Required: Yes

Instructions:

1. Download the latest version from Fuji Electric's official site.
2. Uninstall the vulnerable version.
3. Install the updated version.
4. Restart the system.

🔧 Temporary Workarounds

Restrict V8 file handling (platform: Windows)

Configure systems to prevent opening V8 files from untrusted sources.

User awareness training (platform: all)

Train operators to avoid opening V8 files from unknown or untrusted sources.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate TELLUS systems from general corporate networks
  • Deploy application whitelisting to prevent execution of unauthorized files and processes

🔍 How to Verify

Check if Vulnerable:

Check TELLUS software version in Help > About menu. If version is exactly 4.0.15.0, the system is vulnerable.

Check Version:

Check via TELLUS GUI: Help > About menu

Verify Fix Applied:

Verify installed version is newer than 4.0.15.0 in Help > About menu.

📡 Detection & Monitoring

Log Indicators:

  • Failed file opening attempts
  • Application crashes when opening V8 files
  • Unusual process creation from TELLUS

Network Indicators:

  • Unusual file transfers to TELLUS systems
  • Network connections from TELLUS to unexpected destinations

SIEM Query:

source="TELLUS" AND (event_type="crash" OR file_extension=".v8")
