Fuji Electric Tellus Lite V-Simulator and V-Server Lite
Plan Patch · 7.8 · ICS-CERT ICSA-21-299-01 · Oct 26, 2021
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
Fuji Electric Tellus Lite V-Simulator and V-Server Lite software contain multiple memory corruption vulnerabilities (buffer overflow, out-of-bounds access, use-after-free). Successful exploitation could allow an attacker to cause data corruption, read sensitive information, obtain code execution, or crash the application. These vulnerabilities are not remotely exploitable.
What this means
What could happen
An attacker with local access could execute arbitrary code on the engineering workstation running these applications, potentially disrupting process simulation, monitoring, or server operations at your facility.
Who's at risk
Energy sector operators using Fuji Electric Tellus Lite V-Simulator or V-Server Lite for process simulation, monitoring, or server functions on Windows workstations. This affects engineering teams and operations centers that depend on these tools for plant visibility and control.
How it could be exploited
An attacker must have local access to the workstation running V-Server Lite or Tellus Lite V-Simulator. The attack likely involves crafted input (file, network data, or user interaction) that triggers a buffer overflow or out-of-bounds memory access, leading to code execution or application crash.
Prerequisites
- Local access to the workstation running V-Server Lite or Tellus Lite V-Simulator
- User interaction (opening a file or clicking a link)
- No authentication required
Memory corruption vulnerabilities · Local exploitation only · No patch available for affected versions · Low EPSS score (0.4%) · Not actively exploited
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
V-Server Lite | < 4.0.12.0 | 4.0.12.0
Tellus Lite V-Simulator | < 4.0.12.0 | 4.0.12.0
Remediation & Mitigation
Do now
- WORKAROUND: Train users not to open unsolicited email attachments or click links that could deliver malicious files to these workstations
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HOTFIX: Update V-Server Lite software to version 4.0.12.0
- HOTFIX: Update Tellus Lite V-Simulator software to version 4.0.12.0
Long-term hardening
- HARDENING: Restrict local access to workstations running V-Server Lite or Tellus Lite V-Simulator to authorized engineering and operations staff only