CVE-2018-14790
Severity CVSS v4.0:
Pending analysis
Type:
CWE-125
Out-of-bounds Read
Publication date:
01/10/2018
Last modified:
09/10/2019
Description
Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. A buffer over-read vulnerability may allow remote code execution on the device.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:fujielectric:frenic_loader_3.3_firmware:7.3.4.1a:*:*:*:*:*:*:* | ||
| cpe:2.3:h:fujielectric:frenic-ace:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:fujielectric:frenic-eco:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:fujielectric:frenic-mega:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:fujielectric:frenic-mini\(c1\):-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:fujielectric:frenic-mini\(c2\):-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:fujielectric:frenic-multi:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page