CVE-2024-11800 is a stack-based buffer overflow vulnerability identified in Fuji Electric Tellus Lite V-Simulator 5, specifically during the parsing of V8 files. The root cause is the lack of proper validation of the length of user-supplied data before it is copied into a fixed-length buffer on the stack. This improper bounds checking allows an attacker to overflow the buffer, potentially overwriting the stack and enabling arbitrary code execution within the context of the vulnerable process. Exploitation requires user interaction, such as opening a maliciously crafted V8 file or visiting a malicious webpage that triggers the vulnerable parsing routine. The affected product version is 4.0.20.0 of Tellus Lite. The vulnerability was reported by the Zero Day Initiative (ZDI) as ZDI-CAN-24768 and has a CVSS v3.0 score of 7.8, indicating high severity. The attack vector is local (AV:L), but no privileges are required (PR:N), and user interaction is necessary (UI:R). Successful exploitation can compromise confidentiality, integrity, and availability of the affected system. No patches or public exploits are currently available, but the vulnerability poses a significant risk to environments using this software, especially in industrial control or critical infrastructure sectors where Fuji Electric products are deployed.

The impact of CVE-2024-11800 is substantial for organizations using Fuji Electric Tellus Lite, particularly in industrial and critical infrastructure sectors. Successful exploitation allows remote code execution, enabling attackers to run arbitrary code with the privileges of the vulnerable application. This can lead to full system compromise, data theft, manipulation of operational processes, or denial of service. Given the software’s role in industrial control environments, an attacker could disrupt manufacturing processes, energy distribution, or other critical operations, potentially causing physical damage or safety hazards. The requirement for user interaction reduces the likelihood of automated widespread exploitation but does not eliminate targeted attacks, especially spear-phishing or supply chain attacks delivering malicious files. The lack of known public exploits currently limits immediate risk but also means organizations must act proactively. The vulnerability affects confidentiality, integrity, and availability, making it a critical concern for operational technology (OT) environments.

To mitigate CVE-2024-11800, organizations should first verify if they are running Fuji Electric Tellus Lite version 4.0.20.0 or other vulnerable versions. Since no official patches are currently available, immediate mitigations include restricting user access to open untrusted V8 files and disabling or limiting the use of the V-Simulator 5 component where feasible. Implement strict network segmentation to isolate systems running Tellus Lite from untrusted networks and reduce exposure to malicious files or webpages. Employ endpoint protection solutions capable of detecting anomalous behavior related to buffer overflow exploitation. Educate users about the risks of opening files from untrusted sources and visiting suspicious websites. Monitor logs and network traffic for unusual activity indicative of exploitation attempts. Once Fuji Electric releases a patch, apply it promptly. Additionally, consider application whitelisting and enhanced input validation controls where possible to reduce attack surface.