Description

"FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition. Affected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2, Zerona / Zerona PLUS versions 3.2.32 to 3.2.36, ActSecure χ versions 3.4.0 to 3.4.6 and 3.5.0, Dual Safe Powered by FFRI yarai version 1.4.1, EDR Plus Pack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0), and EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0).

Related CPE's

a

ffri

dual_safe

1.4.1

Vulnerable

a

ffri

ffri_yarai

3

a

soliton

infotrace_mark_ii_malware_protection

Vulnerable

a

soliton

zerona

Vulnerable

a

soliton

zerona_plus

Vulnerable

a

nec

actsecure_x_managed_security_service

2

a

skygroup

edr_plus_pack

2

a

skygroup

edr_plus_pack_cloud

2

References

https://jvn.jp/en/jp/JVN42527152/

Third Party Advisory

https://www.ffri.jp/security-info/index.htm

Vendor Advisory

https://www.skyseaclientview.net/news/230807_01/

Third Party Advisory

https://www.soliton.co.jp/support/zerona_notice_2023.html

Third Party Advisory

https://www.sourcenext.com/support/i/2023/230718_01

Third Party Advisory

https://www.support.nec.co.jp/View.aspx?id=3140109240

Permissions Required

Weaknesses

[email protected]

Primary
CWE-755

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

3.3 · Low

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-08-09T03:15:43.870

1 year ago

Last modified

2023-11-07T04:17:30.083

1 year ago