CVE-2023-35127 – A stack-based buffer overflow vulnerability in ... (How to Fix)

Q: What is the severity of CVE-2023-35127?

CVE-2023-35127 has a CVSS score of 7.8 (HIGH). A stack-based buffer overflow vulnerability in Fuji Electric Tellus Lite V-Simulator allows remote attackers to execute arbitrary code by tricking a user into opening a malicious input file. This affects users of the Tellus Lite V-Simulator software, potentially leading to system compromise.

📋 TL;DR

A stack-based buffer overflow vulnerability in Fuji Electric Tellus Lite V-Simulator allows remote attackers to execute arbitrary code by tricking a user into opening a malicious input file. This affects users of the Tellus Lite V-Simulator software, potentially leading to system compromise.

💻 Affected Systems

Products:

Fuji Electric Tellus Lite V-Simulator

Versions: Versions prior to the patched release (specific version not detailed in references, but check vendor advisory).

Operating Systems: Windows (assumed, as typical for industrial software)

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability triggers when parsing specially crafted input files; default installations are likely vulnerable.

📦 What is this software?

Tellus Lite V Simulator by Fujielectric

View all CVEs affecting Tellus Lite V Simulator →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to full system compromise, data theft, or disruption of industrial control processes.

🟠

Likely Case

Local code execution on the user's machine, potentially enabling privilege escalation or malware installation.

🟢

If Mitigated

Limited impact if file parsing is restricted to trusted sources and software is isolated from critical systems.

🌐 Internet-Facing: LOW, as exploitation typically requires user interaction with a malicious file, not direct internet exposure.

🏢 Internal Only: MEDIUM, due to potential for internal phishing or malicious file sharing within networks.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires user interaction to open a malicious file; no public exploit code is known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor advisory for specific patched version.

Vendor Advisory: https://felib.fujielectric.co.jp/en/M10009/M20034/document_detail/c27d5b69-68ef-4af5-90ee-b5dab118f71a

Restart Required: Yes

Instructions:

1. Visit the vendor advisory URL. 2. Download and install the latest version of Tellus Lite V-Simulator. 3. Restart the system to apply changes.

🔧 Temporary Workarounds

Restrict File Access

all

Limit file parsing to trusted sources and avoid opening untrusted input files.

Network Segmentation

all

Isolate systems running the simulator from critical networks to reduce attack surface.

🧯 If You Can't Patch

Implement strict access controls and user training to avoid opening suspicious files.
Use application whitelisting to prevent unauthorized software execution.

🔍 How to Verify

Check if Vulnerable:

Check the software version against the vendor advisory; if using an older version, assume vulnerable.

Check Version:

Check within the Tellus Lite V-Simulator application interface or system documentation for version info.

Verify Fix Applied:

Verify installation of the patched version from vendor sources and confirm no crashes occur with test files.

📡 Detection & Monitoring

Log Indicators:

Application crashes, unexpected file access, or error logs related to buffer overflow in Tellus Lite.

Network Indicators:

Unusual file transfers to systems running the simulator.

SIEM Query:

Search for event logs indicating Tellus Lite process termination or file parsing errors.

📊 Metadata

CVE ID: CVE-2023-35127

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-121

Published: November 22, 2023

Last Updated: November 21, 2024

🔗 References

https://felib.fujielectric.co.jp/en/M10009/M20034/document_detail/c27d5b69-68ef-4af5-90ee-b5dab118f71a Vendor Advisory
https://www.cisa.gov/news-events/ics-advisories/icsa-23-325-02 Third Party Advisory,US Government Resource
https://felib.fujielectric.co.jp/en/M10009/M20034/document_detail/c27d5b69-68ef-4af5-90ee-b5dab118f71a Vendor Advisory
https://www.cisa.gov/news-events/ics-advisories/icsa-23-325-02 Third Party Advisory,US Government Resource

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-35127, you might also want to check these: