OTPulse

Fuji Electric V-Server Lite

Plan Patch | CVSS 7.8 | ICS-CERT ICSA-20-098-04 | Apr 7, 2020
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

V-Server Lite versions prior to 4.0.9.0 contain a buffer overflow vulnerability (CWE-122) that allows a local attacker with user interaction to execute arbitrary code with elevated privileges. Successful exploitation grants remote code execution on affected systems. The vulnerability affects all versions before 4.0.9.0.

What this means
What could happen
An attacker with local access to a system running V-Server Lite could execute arbitrary code with elevated privileges, potentially allowing them to modify energy control system configurations or process operations.
Who's at risk
Energy sector operators using Fuji Electric V-Server Lite (all versions before 4.0.9.0) should prioritize this vulnerability. This software is commonly used in power generation and distribution control systems where unauthorized code execution could disrupt operations or alter safety-critical settings.
How it could be exploited
An attacker needs local access to a system running V-Server Lite and must trigger user interaction (e.g., opening a malicious file or link) to exploit a memory corruption flaw (CWE-122) that grants elevated privileges and remote code execution.
Prerequisites
  • Local file system access to the V-Server Lite host
  • User interaction required (opening file or clicking link)
  • Unpatched version below 4.0.9.0
High CVSS score (7.8); User interaction required (reduces but does not eliminate risk); Local access requirement (reduces attack surface compared to remote); Memory corruption flaw (CWE-122)
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
Product | Affected Versions | Fix Status
V-Server Lite: all | < 4.0.9.0 | 4.0.9.0
Remediation & Mitigation
Do now
WORKAROUND: Restrict user ability to open unsolicited email attachments or click external links on systems running V-Server Lite
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Upgrade V-Server Lite to version 4.0.9.0 or later
Long-term hardening
HARDENING: Isolate V-Server Lite systems from the Internet and place them behind firewalls
HARDENING: Separate control system networks from business networks using network segmentation
HARDENING: Use VPNs with the latest security patches for any required remote access to V-Server Lite systems