OTPulse
FeedAboutContact

Fuji Electric V-Server Lite

Plan Patch7.8ICS-CERT ICSA-18-254-02Sep 11, 2018
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary

A buffer overflow vulnerability in Fuji Electric V-Server Lite versions 4.0.3.0 and prior allows an attacker with local access to read sensitive information and disrupt device availability. The vulnerability requires low complexity to exploit and no authentication. Fuji Electric has released firmware update v4.0.4.0 to address this issue.

What this means
What could happen
An attacker could view sensitive data on the V-Server Lite device and disrupt its availability, potentially interrupting remote monitoring and control of energy infrastructure systems.
Who's at risk
Energy utilities using Fuji Electric V-Server Lite for remote monitoring and data acquisition should care. This affects any organization using V-Server Lite 4.0.3.0 or earlier in SCADA or control system monitoring roles.
How it could be exploited
An attacker with local access to the device could exploit a buffer overflow vulnerability (CWE-120) to execute arbitrary code, read configuration files and credentials, or crash the application. The low CVSS complexity and lack of authentication requirements make this straightforward to execute once access is gained.
Prerequisites
  • Local access to the V-Server Lite device
  • Ability to interact with the vulnerable component (user interaction may be required)
  • No authentication needed to trigger the vulnerability
Local access required (reduces immediate risk)Low attack complexityNo authentication requiredAffects monitoring/visibility systemsBuffer overflow vulnerability
Exploitability
Low exploit probability (EPSS 0.5%)
Affected products (1)
ProductAffected VersionsFix Status
V-Server Lite: 4.0.3.0 and prior≤ 4.0.3.04.0.4.0
Remediation & Mitigation
0/4
Do now
0/3
HARDENINGRestrict network access to V-Server Lite devices; ensure they are not reachable from the Internet
HARDENINGPlace V-Server Lite and control system networks behind firewalls with proper network segmentation from business network
HARDENINGIf remote access to V-Server Lite is required, enforce VPN use with current encryption protocols and keep VPN software updated
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate V-Server Lite firmware to version 4.0.4.0 or later
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/d56301d8-7022-4f2e-9fd6-599d7368d190
Fuji Electric V-Server Lite | CVSS 7.8 - OTPulse