
CVE-2024-11803: CWE-787: Out-of-bounds Write in Fuji Electric Tellus Lite

Severity: High
Published: Wed Nov 27 2024 (11/27/2024, 23:35:16 UTC)
Source: CVE Database V5
Vendor/Project: Fuji Electric
Product: Tellus Lite

Description

CVE-2024-11803 is a high-severity remote code execution vulnerability in Fuji Electric Tellus Lite V-Simulator 5 version 4.0.20.0. The flaw arises from an out-of-bounds write during parsing of V8 files due to improper validation of user-supplied data. Exploitation requires user interaction, such as opening a malicious file or visiting a crafted webpage. Successful exploitation allows attackers to execute arbitrary code within the context of the affected process, compromising confidentiality, integrity, and availability. No known exploits are currently in the wild, but the vulnerability poses a significant risk to organizations using this software. Mitigation involves applying patches once available and restricting exposure to untrusted files and web content. Countries with significant industrial automation sectors using Fuji Electric products, including Japan, the United States, Germany, South Korea, and China, are most at risk.

AI-Powered Analysis

Last updated: 02/26/2026, 05:27:06 UTC

Technical Analysis

CVE-2024-11803 is a vulnerability identified in Fuji Electric Tellus Lite V-Simulator 5, specifically version 4.0.20.0. The vulnerability is classified as CWE-787, an out-of-bounds write, which occurs during the parsing of V8 files by the V-Simulator 5 component. The root cause is the lack of proper validation of user-supplied data, allowing an attacker to write data beyond the allocated buffer boundaries. This memory corruption can be exploited to execute arbitrary code remotely. The attack vector requires user interaction, such as opening a maliciously crafted V8 file or visiting a malicious webpage that triggers the vulnerable parser. The CVSS v3.0 base score is 7.8, indicating a high severity level, with attack vector local (AV:L), low attack complexity (AC:L), no privileges required (PR:N), user interaction required (UI:R), unchanged scope (S:U), and high impact on confidentiality, integrity, and availability (C:H/I:H/A:H). Although no known exploits are currently reported in the wild, the vulnerability presents a critical risk due to the potential for remote code execution in industrial control environments. The vulnerability was reported by the Zero Day Initiative (ZDI) as ZDI-CAN-24771 and published on November 27, 2024. Fuji Electric Tellus Lite is used in industrial automation and control systems, making this vulnerability particularly concerning for operational technology environments.

Potential Impact

The impact of CVE-2024-11803 is significant for organizations using Fuji Electric Tellus Lite in industrial automation and control systems. Successful exploitation allows remote attackers to execute arbitrary code with the privileges of the affected application, potentially leading to full system compromise. This can result in unauthorized access to sensitive operational data, manipulation of control processes, disruption of industrial operations, and potential safety hazards. The compromise of such systems can have cascading effects on critical infrastructure, manufacturing, and energy sectors. Given the high confidentiality, integrity, and availability impacts, attackers could steal proprietary information, alter control commands, or cause denial of service. The requirement for user interaction limits exploitation somewhat but does not eliminate risk, especially in environments where users may open files from untrusted sources or access malicious web content. The absence of known exploits in the wild provides a window for proactive mitigation, but the threat remains high due to the critical nature of affected systems.

Mitigation Recommendations

1. Apply patches and updates from Fuji Electric as soon as they become available to address the vulnerability directly.
2. Until patches are released, restrict the use of Fuji Electric Tellus Lite V-Simulator 5 to trusted environments and avoid opening files from untrusted or unknown sources.
3. Implement strict network segmentation to isolate industrial control systems running Tellus Lite from general IT networks and the internet.
4. Employ application whitelisting and endpoint protection solutions to detect and block attempts to execute unauthorized code.
5. Educate users about the risks of opening files from untrusted sources and visiting suspicious websites, emphasizing the need for caution with V8 files.
6. Monitor logs and network traffic for unusual activity that may indicate exploitation attempts.
7. Consider disabling or restricting the V8 file parsing functionality if feasible until a patch is applied.
8. Collaborate with Fuji Electric support for guidance and to receive timely updates on remediation.

Technical Details

Data Version: 5.1
Assigner Short Name: zdi
Date Reserved: 2024-11-26T16:02:55.924Z
CVSS Version: 3.0
State: PUBLISHED

Threat ID: 699f6e20b7ef31ef0b59665f

Added to database: 2/25/2026, 9:48:16 PM

Last enriched: 2/26/2026, 5:27:06 AM

Last updated: 2/26/2026, 8:07:21 AM