Multiple NETGEAR R6850 Vulnerabilities
May 31, 2024Mirai Botnet aka Katana – Active IOCs
June 1, 2024Multiple NETGEAR R6850 Vulnerabilities
May 31, 2024Mirai Botnet aka Katana – Active IOCs
June 1, 2024Severity
High
Analysis Summary
CVE-2024-5271 CVSS:7.8
Fuji Electric Monitouch V-SFT could allow a local attacker to execute arbitrary code on the system, caused by an out-of-bounds write. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-34171 CVSS:7.8
Fuji Electric Monitouch V-SFT is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. By sending a specially crafted request, a local attacker could overflow a buffer and execute arbitrary code on the system.
Impact
- Gain Access
- Buffer Overflow
- Code Execution
Indicators of Compromise
CVE
- CVE-2024-5271
- CVE-2024-34171
Affected Vendors
Affected Products
- Fuji Electric Monitouch V-SFT
Remediation
Upgrade to the latest version of Fuji Electric Monitouch V-SFT, available from the Fuji Electric Website.