Description
"FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition. Affected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2, Zerona / Zerona PLUS versions 3.2.32 to 3.2.36, ActSecure χ versions 3.4.0 to 3.4.6 and 3.5.0, Dual Safe Powered by FFRI yarai version 1.4.1, EDR Plus Pack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0), and EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0).
Related CPE's
a
ffri
ffri_yarai
a
nec
actsecure_x_managed_security_service
a
skygroup
edr_plus_pack
a
skygroup
edr_plus_pack_cloud
References
https://jvn.jp/en/jp/JVN42527152/
https://www.ffri.jp/security-info/index.htm
https://www.skyseaclientview.net/news/230807_01/
https://www.soliton.co.jp/support/zerona_notice_2023.html
https://www.sourcenext.com/support/i/2023/230718_01
https://www.support.nec.co.jp/View.aspx?id=3140109240
CVSS impact metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
3.3 · Low
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Modified
Published
2023-08-09T03:15:43.870
1 year agoLast modified
2023-11-07T04:17:30.083
11 months ago