Skip to main content

Monitouch V Sft CVE-2024-5597

HIGH
Access of Resource Using Incompatible Type (Type Confusion) (CWE-843)
2024-06-10 ics-cert@hq.dhs.gov
8.5
CVSS 4.0 · Vendor: hq
Share

Severity by source

Vendor (hq) PRIMARY
8.5 HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from Vendor (hq) · only source for this CVE.

CVSS VectorVendor: hq

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
P
Scope
X

Lifecycle Timeline

1
CVE Published
Jun 10, 2024 - 17:16 cve.org
HIGH 8.5

DescriptionCVE.org

Fuji Electric Monitouch V-SFT is vulnerable to a type confusion, which could cause a crash or code execution.

AnalysisAI

Fuji Electric Monitouch V-SFT is vulnerable to a type confusion, which could cause a crash or code execution. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Access of Resource Using Incompatible Type (Type Confusion) (CWE-843), which allows attackers to execute arbitrary code by exploiting type confusion in the application. Fuji Electric Monitouch V-SFT is vulnerable to a type confusion, which could cause a crash or code execution. Affected products include: Fujielectric Monitouch V-Sft.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Enforce strict type checking, use type-safe languages, validate object types before operations.

CVE-2017-9660 HIGH
8.8 Aug 14

A Heap-Based Buffer Overflow was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. Rated h

CVE-2017-9659 HIGH
8.8 Aug 14

A Stack-Based Buffer Overflow issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0.

CVE-2024-5271 HIGH
8.5 May 30

Fuji Electric Monitouch V-SFT is vulnerable to an out-of-bounds write because of a type confusion, which could result in

CVE-2024-34171 HIGH
8.5 May 30

Fuji Electric Monitouch V-SFT is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute a

CVE-2025-47760 HIGH
8.4 May 19

V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6MemInIF!set_temp_type_default functi

CVE-2025-47759 HIGH
8.4 May 19

V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom

CVE-2025-47758 HIGH
8.4 May 19

V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6File!CTxSubFile::get_ProgramFile_nam

CVE-2025-47757 HIGH
8.4 May 19

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6MemInIF.dll!set_plc_type_default function. Ra

CVE-2025-47756 HIGH
8.4 May 19

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!CGamenDataRom::set_mr400_strc functi

CVE-2025-47755 HIGH
8.4 May 19

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!VS4_SaveEnvFile function. Rated high

CVE-2025-47754 HIGH
8.4 May 19

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!Conv_Macro_Data function. Rated high

CVE-2025-47753 HIGH
8.4 May 19

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!CDrawSLine::GetRectArea function. Ra

Share

CVE-2024-5597 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy