OTPulse
FeedAboutContact

Fuji Electric Tellus Lite V-Simulator

Plan Patch7.8ICS-CERT ICSA-24-165-14Jun 13, 2024
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary

Tellus Lite V-Simulator versions prior to 4.0.20.0 contain buffer overflow and out-of-bounds memory write vulnerabilities (CWE-787, CWE-121) that allow local code execution. These vulnerabilities affect versions <v4.0.20.0. No public exploitation has been reported, and remote exploitation is not possible.

What this means
What could happen
A local attacker with user-level access to a workstation running Tellus Lite V-Simulator could execute arbitrary code with the same permissions as the user, potentially compromising simulation integrity or using the compromised workstation as a pivot point to access plant networks.
Who's at risk
Engineering and operations personnel at energy utilities who use Tellus Lite V-Simulator for control system modeling, simulation, and testing should prioritize this update. This affects workstations used for SCADA and DCS training, commissioning, and pre-deployment testing in generation, transmission, and distribution environments.
How it could be exploited
An attacker must have local access to a Windows workstation running Tellus Lite V-Simulator below version 4.0.20.0. The attacker exploits a buffer overflow or out-of-bounds memory write vulnerability to execute code during application runtime, requiring user interaction to trigger the vulnerable code path (such as opening a malicious project file or simulation data).
Prerequisites
  • Local access to the workstation running Tellus Lite V-Simulator
  • User-level privileges on the host machine
  • Application version below 4.0.20.0
  • User interaction to trigger vulnerable code (e.g., opening a crafted file)
Local access required (reduces risk)Low attack complexityBuffer overflow/memory corruption vulnerabilitiesUser interaction required
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
ProductAffected VersionsFix Status
Tellus Lite V-Simulator: <v4.0.20.0<v4.0.20.04.0.20.0
Remediation & Mitigation
0/5
Do now
0/2
HARDENINGRestrict local access to workstations running Tellus Lite V-Simulator to authorized engineering personnel only
WORKAROUNDDisable unnecessary local execution capabilities and disable running untrusted project files from untrusted sources
Schedule — requires maintenance window
0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Tellus Lite V-Simulator to version 4.0.20.0 or later
HARDENINGImplement application whitelisting on workstations to prevent unauthorized code execution
Long-term hardening
0/1
HARDENINGIsolate engineering workstations running simulation software from business networks using a dedicated VLAN or air-gap
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/e8a94a7f-adf8-4df5-b1de-41b977942505
Fuji Electric Tellus Lite V-Simulator | CVSS 7.8 - OTPulse