CVE-2018-14802

Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. The program does not properly check user-supplied comments which may allow for arbitrary remote code execution.
References
Link Resource
http://www.securityfocus.com/bid/105408 Third Party Advisory VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-270-03 Mitigation Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:fujielectric:frenic_loader_3.3_firmware:7.3.4.1a:*:*:*:*:*:*:*
OR cpe:2.3:h:fujielectric:frenic-ace:-:*:*:*:*:*:*:*
cpe:2.3:h:fujielectric:frenic-eco:-:*:*:*:*:*:*:*
cpe:2.3:h:fujielectric:frenic-mega:-:*:*:*:*:*:*:*
cpe:2.3:h:fujielectric:frenic-mini\(c1\):-:*:*:*:*:*:*:*
cpe:2.3:h:fujielectric:frenic-mini\(c2\):-:*:*:*:*:*:*:*
cpe:2.3:h:fujielectric:frenic-multi:-:*:*:*:*:*:*:*

Information

Published : 2018-10-01 13:29

Updated : 2019-10-09 23:35


NVD link : CVE-2018-14802

Mitre link : CVE-2018-14802


JSON object : View

Products Affected

fujielectric

  • frenic-mini\(c1\)
  • frenic-ace
  • frenic_loader_3.3_firmware
  • frenic-mega
  • frenic-multi
  • frenic-mini\(c2\)
  • frenic-eco
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer