CVE-2024-37022 – This vulnerability in Fuji Electric Tellus Lite... (How to Fix)

Q: What is the severity of CVE-2024-37022?

CVE-2024-37022 has a CVSS score of 7.8 (HIGH). This vulnerability in Fuji Electric Tellus Lite V-Simulator allows an attacker to write data beyond intended memory boundaries, potentially leading to arbitrary code execution. It affects users of this industrial control system (ICS) software, particularly in critical infrastructure sectors where such simulators are used for testing and training.

📋 TL;DR

This vulnerability in Fuji Electric Tellus Lite V-Simulator allows an attacker to write data beyond intended memory boundaries, potentially leading to arbitrary code execution. It affects users of this industrial control system (ICS) software, particularly in critical infrastructure sectors where such simulators are used for testing and training.

💻 Affected Systems

Products:

Fuji Electric Tellus Lite V-Simulator

Versions: Specific versions not detailed in reference; assume all versions prior to patched release are vulnerable.

Operating Systems: Windows (commonly used for ICS software)

Default Config Vulnerable: ⚠️ Yes

Notes: This is an ICS application, often deployed in critical infrastructure environments like energy or manufacturing.

📦 What is this software?

Tellus Lite V Simulator by Fujielectric

View all CVEs affecting Tellus Lite V Simulator →

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker could gain full control of the system running the simulator, enabling them to disrupt operations, steal sensitive data, or pivot to other network segments.

🟠

Likely Case

Local or network-based attackers could crash the application or execute malicious code, causing service disruption or unauthorized access to the host system.

🟢

If Mitigated

With proper network segmentation and access controls, the impact is limited to denial-of-service or isolated compromise of the simulator instance.

🌐 Internet-Facing: LOW, as this software is typically used internally in industrial environments and not exposed directly to the internet.

🏢 Internal Only: HIGH, due to the potential for code execution within operational networks, especially if attackers gain initial access through phishing or other means.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation likely requires some level of access to the system or network, but details are not publicly available in the advisory.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Fuji Electric advisory for specific patched versions.

Vendor Advisory: https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-14

Restart Required: Yes

Instructions:

1. Check the CISA advisory for patch details. 2. Download the update from Fuji Electric's official site. 3. Apply the patch following vendor instructions. 4. Restart the system to ensure changes take effect.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate the simulator on a dedicated network segment to limit attack surface.

Access Control

all

Restrict user permissions and enforce least privilege to reduce exploitation risk.

🧯 If You Can't Patch

Disable or uninstall the simulator if not essential to operations.
Implement strict firewall rules to block unnecessary inbound/outbound traffic to the simulator.

🔍 How to Verify

Check if Vulnerable:

Check the software version against the patched version listed in the vendor advisory.

Check Version:

Check within the application's help or about menu, or consult system documentation for version info.

Verify Fix Applied:

Confirm the software version has been updated to the patched release and test functionality.

📡 Detection & Monitoring

Log Indicators:

Unexpected crashes or memory errors in application logs
Unusual process executions related to the simulator

Network Indicators:

Anomalous network traffic to/from the simulator port
Suspicious connections from untrusted sources

SIEM Query:

Example: 'source="Tellus Lite" AND (event_type="crash" OR event_type="memory_error")'

📊 Metadata

CVE ID: CVE-2024-37022

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-787

Published: June 13, 2024

Last Updated: November 21, 2024

🔗 References

https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-14 Third Party Advisory,US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-14 Third Party Advisory,US Government Resource

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-37022, you might also want to check these: