OTPulse

Fuji Electric V-Server Lite

Plan Patch | 7.8 | ICS-CERT ICSA-20-329-02 | Nov 24, 2020
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

V-Server Lite versions prior to 3.3.25.0 contain an out-of-bounds write vulnerability (CWE-787) that could allow local code execution. The vulnerability requires user interaction to trigger (such as opening a malicious file). Fuji Electric has released version 3.3.25.0 as a fix, available from the company website.

What this means
What could happen
An attacker could execute arbitrary code on V-Server Lite, potentially allowing them to modify control logic, alter process parameters, or shut down operations at energy facilities.
Who's at risk
Energy sector operators using Fuji Electric V-Server Lite for control system engineering and configuration work, particularly those managing power generation, distribution, or industrial control systems at utilities.
How it could be exploited
An attacker with local access to a system running V-Server Lite below version 3.3.25.0 could exploit an out-of-bounds write vulnerability to execute arbitrary code with the privileges of the application. This requires the user to perform an action (such as opening a file or interacting with the application) that triggers the vulnerability.
Prerequisites
  • Local access to the machine running V-Server Lite
  • V-Server Lite version 3.3.24.0 or earlier
  • User interaction (e.g., opening a malicious file or project)
  • Low complexity exploitation
  • User interaction required (reduces immediate risk)
  • Affects control system engineering workstations
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (1)
Product | Affected Versions | Fix Status
V-Server Lite: all | < 3.3.24.0 | 3.3.25.0
Remediation & Mitigation
Do now
HARDENING: Restrict local access to systems running V-Server Lite to authorized engineering personnel only
HARDENING: Train users not to open unsolicited files or click suspicious links that could be used to trigger the vulnerability
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update V-Server Lite to version 3.3.25.0 or later from the Fuji Electric website