CVE-2024-11801 is a remote code execution vulnerability identified in Fuji Electric Tellus Lite's V-Simulator 5 component, specifically in version 4.0.20.0. The vulnerability stems from an out-of-bounds write condition (CWE-787) during the parsing of V8 files, where the software fails to properly validate user-supplied data. This improper validation allows an attacker to write data beyond the allocated memory buffer, potentially overwriting critical memory structures. By crafting a malicious V8 file or hosting a malicious webpage containing such a file, an attacker can induce a targeted user to open or load this content, triggering the vulnerability. The exploit executes code in the context of the current process without requiring prior authentication, but it does require user interaction (opening a file or visiting a page). The CVSS v3.0 score is 7.8 (high), reflecting the vulnerability's significant impact on confidentiality, integrity, and availability, combined with relatively low complexity of attack. Although no known exploits have been reported in the wild yet, the vulnerability poses a serious risk due to the potential for remote code execution and full system compromise within the affected application environment. The vulnerability was assigned by ZDI (ZDI-CAN-24769) and publicly disclosed on November 27, 2024. No official patches were linked at the time of disclosure, indicating that organizations must monitor for vendor updates or apply interim mitigations.

The vulnerability enables remote attackers to execute arbitrary code on systems running Fuji Electric Tellus Lite V-Simulator 5 version 4.0.20.0, potentially leading to full compromise of the affected application process. This can result in unauthorized access to sensitive operational data, manipulation or disruption of industrial control processes managed via the Tellus Lite platform, and potential lateral movement within the network. Given the critical role of Fuji Electric Tellus Lite in industrial automation and energy management, exploitation could disrupt operational technology environments, cause downtime, or lead to safety hazards. The requirement for user interaction limits mass exploitation but targeted spear-phishing or social engineering attacks remain a significant risk. The absence of known exploits in the wild currently reduces immediate threat but the high CVSS score and ease of exploitation suggest attackers may develop exploits rapidly. Organizations relying on this software for industrial control or monitoring should consider the vulnerability a high priority for remediation to avoid operational and security impacts.

1. Monitor Fuji Electric's official channels for security patches addressing CVE-2024-11801 and apply updates immediately upon release. 2. Until patches are available, restrict user access to the V-Simulator 5 component and disable automatic opening or parsing of V8 files from untrusted sources. 3. Implement strict network segmentation to isolate systems running Tellus Lite from general user networks and internet-facing systems to reduce exposure. 4. Employ endpoint protection solutions capable of detecting anomalous behavior or memory corruption attempts related to out-of-bounds writes. 5. Conduct user awareness training focused on the risks of opening files or links from untrusted sources to reduce the likelihood of successful social engineering. 6. Use application whitelisting or sandboxing to limit the execution context of Tellus Lite components, mitigating the impact of potential code execution. 7. Regularly audit and monitor logs for unusual activity or crashes related to the V-Simulator 5 component that may indicate exploitation attempts. 8. Consider deploying intrusion detection/prevention systems with signatures tuned for this vulnerability once available.