OTPulse

Fuji Electric D300win

Action: Plan patch
CVSS: 8.7
Source: ICS-CERT ICSA-22-242-05
Published: Aug 30, 2022
Attack Vector: Network
Auth Required: None
Complexity: High
User Interaction: None needed
Summary

Fuji Electric D300win versions below 3.7.1.17 contain an out-of-bounds read (CWE-125) and a write-what-where condition (CWE-123) in unspecified components. Successful exploitation could result in loss of sensitive data and manipulation of information. The advisory rates these vulnerabilities as remotely exploitable with no authentication required.

What this means
What could happen
An attacker could read sensitive data from the D300win process, or modify data and control-system information, potentially disrupting energy operations or exposing confidential configuration details such as controller programs and connection settings.
Who's at risk
Energy sector operators running the Fuji Electric D300win PLC engineering software, particularly at utilities managing power distribution, generation, or grid control, where the engineering workstation that runs this software is connected to the operational control network.
How it could be exploited
An attacker with network access to the D300win host could send specially crafted input that triggers the out-of-bounds read (CWE-125) to disclose memory contents, or the write-what-where condition (CWE-123) to corrupt memory and alter system data or settings; a controlled write of this kind can also be a stepping stone to code execution.
Prerequisites
  • Network access to the host running D300win
  • No authentication required
  • Target runs a D300win version below 3.7.1.17
Tags: remotely exploitable · no authentication required · high CVSS (8.7) · affects data confidentiality and integrity · buffer memory vulnerabilities
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)

Product    Affected Versions    Fix Status
D300win    < 3.7.1.17           Fixed in 3.7.1.17
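Deciding whether an installed copy falls under "< 3.7.1.17" is a numeric comparison, not a string one: compared as text, "3.7.1.9" sorts after "3.7.1.17" and an asset report that compares version strings lexically would mark an older build as fixed. The script below is an added example for this page, not OTPulse's own tooling or anything from Fuji Electric; the hostnames and version strings in the inventory are constructed for illustration, and only the product name and the fixed version 3.7.1.17 come from the advisory.

```python
"""Triage a constructed D300win inventory against the ICSA-22-242-05 fix version.

Added example for this advisory page (not OTPulse tooling). The inventory is
constructed; only the product name and fixed version come from the advisory.
"""
import re

# First version without the reported CWE-125 / CWE-123 flaws (from the advisory).
FIXED_VERSION = "3.7.1.17"


def parse_version(version: str) -> tuple:
    """Turn a dotted numeric version into a tuple of ints for numeric comparison.

    String comparison gets this wrong ("3.7.1.9" > "3.7.1.17" as text), so each
    component is converted to an integer. Missing trailing components are padded
    with zeros, so "3.7.1" compares equal to "3.7.1.0". Anything that is not a
    purely numeric dotted version (empty, "unknown", "3.7.1.17-beta") raises
    ValueError rather than silently sorting somewhere.
    """
    text = version.strip()
    if not re.fullmatch(r"\d+(?:\.\d+)*", text):
        raise ValueError(f"unparseable version string: {version!r}")
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * max(0, 4 - len(parts)))


def is_affected(installed: str) -> bool:
    """True when the installed version is strictly below the fixed version."""
    return parse_version(installed) < parse_version(FIXED_VERSION)


def triage(inventory: dict) -> dict:
    """Map each host to 'affected', 'fixed', or 'unknown' (version not parseable).

    'unknown' is deliberately its own bucket: a host whose version cannot be read
    should be verified by hand, not assumed patched.
    """
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = "affected" if is_affected(version) else "fixed"
        except ValueError:
            result[host] = "unknown"
    return result


# Constructed sample inventory: hostnames and versions invented for this example.
SAMPLE_INVENTORY = {
    "ews-substation-01": "3.7.1.9",   # sorts after 3.7.1.17 as text, but is older
    "ews-substation-02": "3.7.1.17",  # exactly the fixed version
    "ews-plant-03": "3.7.1",          # truncated version string, treated as 3.7.1.0
    "ews-plant-04": "3.8.0.2",        # later release, not affected
    "ews-lab-05": "unknown",          # asset database had no usable version
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:20s} {SAMPLE_INVENTORY[host]:10s} {status}")
```

Run it as-is to see the constructed inventory classified; in practice, feed `triage` the host-to-version mapping exported from your asset inventory and treat every "unknown" entry as a host that needs a manual check before it is counted as remediated.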
Remediation & Mitigation

Do now
  • HARDENING: Isolate the D300win workstation from the business network and place it behind a firewall.
  • HARDENING: Ensure D300win is not reachable from the Internet.

Schedule (requires maintenance window)

Upgrading may require a restart of the D300win workstation; plan for process interruption.

  • HOTFIX: Upgrade D300win to version 3.7.1.17 or later.
  • HARDENING: If remote access to D300win is required, use a secure VPN connection and keep the VPN software updated; a VPN only shifts trust to the connecting endpoint, so keep that endpoint patched as well.