Fuji Electric Alpha7 PC Loader up to 1.1 Out-of-Bounds memory corruption

A vulnerability classified as critical was found in Fuji Electric Alpha7 PC Loader up to 1.1. This vulnerability affects some unknown functionality. The manipulation with an unknown input leads to a memory corruption vulnerability (Out-of-Bounds). The CWE definition for the vulnerability is CWE-119. As an impact it is known to affect confidentiality, integrity, and availability.

The bug was discovered 05/16/2019. The weakness was presented 07/02/2019. This vulnerability was named CVE-2019-10975 since 04/08/2019. There are neither technical details nor an exploit publicly available. The current price for an exploit might be approx. USD $0-$5k (estimation calculated on 07/03/2019).

The vulnerability was handled as a non-public zero-day exploit for at least 47 days. During that time the estimated underground price was around $0-$5k.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Vendor

Name

VulDB Meta Base Score: 5.5
VulDB Meta Temp Score: 5.5

VulDB Base Score: ≈5.5
VulDB Temp Score: ≈5.5
VulDB Vector: 🔒
VulDB Reliability: 🔍

VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍
Class: Memory corruption / Out-of-Bounds (CWE-119)
Local: Yes
Remote: No

Availability: 🔒
Status: Not defined

Price Prediction: 🔍
Current Price Estimation: 🔒

Threat Intelligenceinfoedit

Threat: 🔍
Adversaries: 🔍
Geopolitics: 🔍
Economy: 🔍
Predictions: 🔍
Remediation: 🔍Recommended: no mitigation known

0-Day Time: 🔒

04/08/2019 CVE assigned
05/16/2019 +38 days Vulnerability found
07/02/2019 +47 days Advisory disclosed
07/03/2019 +1 days VulDB entry created
07/03/2019 +0 days VulDB last update
CVE: CVE-2019-10975 (🔒)
OSVDB: - Fuji Electric Alpha7 PC Loader denial of service
Created: 07/03/2019 07:34 AM
Complete: 🔍

Comments are closed.