CVE-2023-47582

7.8 HIGH

📋 TL;DR

This vulnerability in TELLUS and TELLUS Lite software allows attackers to execute arbitrary code or disclose sensitive information by tricking a user into opening a malicious file. It affects users of TELLUS V4.0.17.0 and earlier and TELLUS Lite V4.0.17.0, potentially leading to system compromise.

💻 Affected Systems

Products:
  • TELLUS
  • TELLUS Lite
Versions: V4.0.17.0 and earlier
Operating Systems: Windows, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability is present in default installations when processing X1, V8, or V9 files.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise via arbitrary code execution, leading to data theft, ransomware deployment, or lateral movement within the network.

🟠 Likely Case

Information disclosure or limited code execution, because user interaction is required, potentially resulting in data loss or malware infection.

🟢 If Mitigated

Minimal impact if users avoid opening untrusted files and systems are isolated, though risk persists as long as the vulnerable software remains in use.

🌐 Internet-Facing: LOW, as exploitation requires user interaction with a malicious file, not direct network exposure.
🏢 Internal Only: MEDIUM, as internal users could be targeted via phishing or shared files, leading to potential lateral spread.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open a crafted file; no public proof-of-concept is known, but the vulnerability is documented.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after V4.0.17.0

Vendor Advisory: https://hakko-elec.co.jp/site/download/03tellus_inf/index.php

Restart Required: Yes

Instructions:

1. Download the latest version from the vendor advisory URL.
2. Install the update following vendor instructions.
3. Restart the system to apply changes.

🔧 Temporary Workarounds

Restrict File Access

all

Block users from opening X1, V8, or V9 files from untrusted sources to prevent exploitation.

User Training

all

Educate users to avoid opening suspicious files and verify sources before opening TELLUS-related files.

🧯 If You Can't Patch

  • Isolate affected systems from critical networks to limit potential lateral movement.
  • Implement application whitelisting to block execution of unauthorized code.

🔍 How to Verify

Check if Vulnerable:

Check the software version in TELLUS or TELLUS Lite; if it is V4.0.17.0 or earlier, it is vulnerable.

Check Version:

Check the 'About' or version info within the TELLUS software interface.

Verify Fix Applied:

After updating, confirm the version is higher than V4.0.17.0 and test opening safe X1, V8, or V9 files to ensure stability.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected file access logs for X1, V8, or V9 files
  • Process crashes or abnormal behavior in TELLUS software

Network Indicators:

  • Unusual outbound connections from TELLUS systems post-file opening

SIEM Query:

Search for events where TELLUS.exe accesses X1, V8, or V9 files followed by new process creation or network activity.
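
The correlation described above, sketched as an added example (not vendor or advisory code) over constructed endpoint events. The event schema, the lowercase `.x1`/`.v8`/`.v9` extensions, the 60-second window, and all host names and targets are assumptions to adapt to your own telemetry.

```python
from datetime import datetime, timedelta

# Assumptions (not from the advisory): the normalized event schema, the
# lowercase file extensions, and the 60-second correlation window.
WATCHED_EXTS = (".x1", ".v8", ".v9")
TARGET_IMAGE = "tellus.exe"
WINDOW = timedelta(seconds=60)

# Constructed sample events. For process_create, "image" is the parent
# process and "target" is the child; all values are placeholders.
SAMPLE_EVENTS = [
    {"ts": "2024-01-10T09:00:00", "host": "hmi-01", "type": "file_open",
     "image": "TELLUS.exe", "target": r"C:\Projects\line3.V9"},
    {"ts": "2024-01-10T09:00:12", "host": "hmi-01", "type": "process_create",
     "image": "TELLUS.exe", "target": "child-placeholder.exe"},
    {"ts": "2024-01-10T09:05:00", "host": "hmi-02", "type": "file_open",
     "image": "TELLUS.exe", "target": r"C:\Projects\panel.X1"},
    {"ts": "2024-01-10T09:30:00", "host": "hmi-02", "type": "network_connect",
     "image": "TELLUS.exe", "target": "192.0.2.10:443"},
    {"ts": "2024-01-10T10:00:00", "host": "hmi-03", "type": "file_open",
     "image": "notepad.exe", "target": r"C:\Projects\notes.V8"},
    {"ts": "2024-01-10T10:00:05", "host": "hmi-03", "type": "network_connect",
     "image": "notepad.exe", "target": "192.0.2.10:443"},
]

def is_tellus(event):
    # Compare only the executable's base name, case-insensitively.
    return event["image"].replace("\\", "/").rsplit("/", 1)[-1].lower() == TARGET_IMAGE

def correlate(events, window=WINDOW):
    """Return (host, opened_file, follow_up_type, follow_up_target) alerts."""
    alerts = []
    last_open = {}  # host -> (timestamp, path) of the latest watched file open
    for ev in sorted(events, key=lambda e: e["ts"]):
        if not is_tellus(ev):
            continue
        ts = datetime.fromisoformat(ev["ts"])
        if ev["type"] == "file_open":
            if ev["target"].lower().endswith(WATCHED_EXTS):
                last_open[ev["host"]] = (ts, ev["target"])
        elif ev["type"] in ("process_create", "network_connect"):
            opened = last_open.get(ev["host"])
            if opened and ts - opened[0] <= window:
                alerts.append((ev["host"], opened[1], ev["type"], ev["target"]))
    return alerts

if __name__ == "__main__":
    for alert in correlate(SAMPLE_EVENTS):
        print("ALERT", *alert)
```

Only the hmi-01 sequence alerts with the default window: the hmi-02 connection falls 25 minutes after the file open, and the hmi-03 events come from a different process.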
