Monitouch V Sft
CVE-2017-9662
MEDIUM
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
1DescriptionCVE.org
An Improper Privilege Management issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. Monitouch V-SFT is installed in a directory with weak access controls by default, which could allow an authenticated attacker with local access to escalate privileges.
AnalysisAI
An Improper Privilege Management issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Improper Privilege Management (CWE-269), which allows attackers to escalate privileges to gain unauthorized elevated access. An Improper Privilege Management issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. Monitouch V-SFT is installed in a directory with weak access controls by default, which could allow an authenticated attacker with local access to escalate privileges. Affected products include: Fujielectric Monitouch V-Sft. Version information: Version 5.4.43.0..
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply principle of least privilege, validate privilege transitions, implement proper role separation.
More in Monitouch V Sft
View allA Heap-Based Buffer Overflow was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. Rated h
A Stack-Based Buffer Overflow issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0.
Fuji Electric Monitouch V-SFT is vulnerable to a type confusion, which could cause a crash or code execution. Rated high
Fuji Electric Monitouch V-SFT is vulnerable to an out-of-bounds write because of a type confusion, which could result in
Fuji Electric Monitouch V-SFT is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute a
V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6MemInIF!set_temp_type_default functi
V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom
V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6File!CTxSubFile::get_ProgramFile_nam
V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6MemInIF.dll!set_plc_type_default function. Ra
V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!CGamenDataRom::set_mr400_strc functi
V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!VS4_SaveEnvFile function. Rated high
V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!Conv_Macro_Data function. Rated high
Same weakness CWE-269 – Improper Privilege Management
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today