Fuji Electric Monitouch V-SFT
Plan Patch · CVSS 7.3 · ICS-CERT ICSA-17-222-04 · Aug 10, 2017
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
Fuji Electric Monitouch V-SFT contains multiple buffer overflow and memory corruption vulnerabilities (CWE-121, CWE-122) and improper privilege management (CWE-269) in versions prior to 5.4.43.0. These flaws allow remote attackers without credentials to read sensitive information, modify settings, or cause denial of service by exploiting weak input validation in the HMI communication protocol. The vulnerabilities affect energy sector operators relying on V-SFT for SCADA visualization and process management.
What this means
What could happen
An attacker could read sensitive data, modify process configurations, or cause the human-machine interface (HMI) to become unavailable, disrupting operator visibility and control of energy generation or distribution equipment.
Who's at risk
Energy sector operators managing Fuji Electric Monitouch V-SFT human-machine interfaces (HMI) used to monitor and control generation, transmission, or distribution systems should prioritize patching. This includes anyone using V-SFT versions prior to 5.4.43.0 for SCADA data visualization or process control interfaces.
How it could be exploited
An attacker with network access to the Monitouch V-SFT system can send crafted packets over the network to trigger buffer overflow or memory corruption vulnerabilities without authentication. This allows arbitrary code execution or unauthorized access to data stored on the HMI server.
Prerequisites
- Network connectivity to Monitouch V-SFT (typically port 21866 or similar HMI communication port)
- No authentication required
- Ability to craft and send network packets
remotely exploitable · no authentication required · low complexity · high CVSS score (7.3) · affects control system visibility and operations
Exploitability
Moderate exploit probability (EPSS 6.5%)
Affected products (1)
| Product | Affected Versions | Fix Status |
|---|---|---|
| Monitouch V-SFT | < 5.4.43.0 | 5.4.43.0 |
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update Monitouch V-SFT to version 5.4.43.0 or later
Long-term hardening
HARDENING: Isolate Monitouch V-SFT systems on a dedicated engineering network segment with firewall rules restricting access to authorized operator workstations and engineering systems only
HARDENING: Implement network monitoring to detect unauthorized connection attempts to Monitouch V-SFT ports
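One way to implement the monitoring step above, as an added example that is not part of the original advisory: the script scans connection logs for traffic to the HMI port from sources outside the authorized workstation allowlist. The log format, IP addresses and allowlist are constructed assumptions; port 21866 is the port this page lists as typical.

```python
import ipaddress
import re
from collections import Counter

# Assumptions (not from the advisory): log format, HMI address, allowlist.
HMI_PORTS = {21866}  # port this page lists as typical; adjust per site
HMI_HOSTS = {ipaddress.ip_address("10.10.9.4")}
AUTHORIZED = [ipaddress.ip_network("10.10.5.0/28")]  # operator/engineering hosts
LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+) action=(?P<action>\w+)$"
)

# Constructed sample firewall log, including one malformed line.
SAMPLE_LOG = """\
2017-08-10T09:00:01Z src=10.10.5.3 dst=10.10.9.4 dport=21866 action=ACCEPT
2017-08-10T09:02:17Z src=10.20.1.77 dst=10.10.9.4 dport=21866 action=DROP
2017-08-10T09:02:18Z src=10.20.1.77 dst=10.10.9.4 dport=21866 action=DROP
2017-08-10T09:05:40Z src=192.168.50.9 dst=10.10.9.4 dport=21866 action=ACCEPT
2017-08-10T09:06:02Z src=10.20.1.77 dst=10.10.9.4 dport=443 action=ACCEPT
malformed line without fields
"""

def find_unauthorized(log_text):
    """Return (alerts, per-source alert counts, number of unparsed lines)."""
    alerts, counts, unparsed = [], Counter(), 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        try:
            if not m:
                raise ValueError("line does not match expected format")
            src = ipaddress.ip_address(m["src"])
            dst = ipaddress.ip_address(m["dst"])
        except ValueError:
            unparsed += 1  # count, do not silently drop, lines we cannot read
            continue
        if dst not in HMI_HOSTS or int(m["dport"]) not in HMI_PORTS:
            continue  # not traffic to the HMI service
        if any(src in net for net in AUTHORIZED):
            continue  # authorized workstation
        # ACCEPT from a non-allowlisted source means the segment firewall passed it.
        severity = "high" if m["action"] == "ACCEPT" else "medium"
        alerts.append((m["ts"], str(src), severity))
        counts[str(src)] += 1
    return alerts, counts, unparsed

if __name__ == "__main__":
    alerts, counts, unparsed = find_unauthorized(SAMPLE_LOG)
    for ts, src, sev in alerts:
        print(f"{ts} unauthorized HMI connection from {src} severity={sev}")
    print(dict(counts), "unparsed:", unparsed)
```

An accepted connection from a non-allowlisted source is rated higher than a dropped one because it indicates a gap in the segmentation rules, not just a blocked probe.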