Fuji Electric Tellus Lite V-Simulator (Update A)

Monitor | CVSS 7.8 | ICS-CERT ICSA-24-338-06 | Dec 3, 2024
Fuji Electric | Energy
Attack path
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

Fuji Electric Tellus Lite V-Simulator Ver5 contains vulnerabilities (CVE-2024-11799, CVE-2024-11800, CVE-2024-11801, CVE-2024-11802, CVE-2024-11803) that allow local code execution when processing malicious files. These vulnerabilities can crash the simulator, denying access to V-SFT engineering and testing tools. Exploitation requires local access and user interaction. V-Simulator Ver6 (included in Tellus Lite 4.0.22.0 and later) includes file screening that prevents exploitation of the first three CVEs. The last two CVEs are fixed in Tellus Lite 4.0.22.0.

What this means
What could happen
An attacker with local access to a machine running Tellus Lite V-Simulator could send malicious files that crash the simulator, disrupting the engineering workflow and potentially preventing PLC configuration or testing activities.
Who's at risk
This affects engineers and control system technicians at energy facilities who use Fuji Electric Tellus Lite for PLC simulation and configuration. Organizations using V-Simulator Ver5 (included in Tellus Lite versions before 4.0.22.0) are at risk.
How it could be exploited
An attacker would need to place a malicious file on the local system where V-Simulator is running, or trick a user into opening a malicious file. The simulator would then process the file and crash, denying access to simulation and testing tools.
Prerequisites
  • Local access to the machine running Tellus Lite V-Simulator
  • User interaction to open or process a malicious file
  • V-Simulator Ver5 must be in use (Ver6 includes file screening that blocks exploitation)
Requires local access to engineer workstation | Requires user interaction to open malicious file | Causes denial of service to engineering tools | No patch available for Tellus Lite 4.0.20.0
Exploitability
Unlikely to be exploited — EPSS score 0.7%
Affected products (1)
Product | Affected Versions | Fix Status
Tellus Lite: 4.0.20.0 | 4.0.20.0 | No fix yet
Remediation & Mitigation
Do now
WORKAROUND: Do not open files from untrusted sources in V-Simulator or other Tellus Lite components
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update Tellus Lite to version 4.0.22.0 or later
Long-term hardening
HARDENING: Restrict local access to engineering workstations running Tellus Lite to authorized personnel only