CVE-2023-39341

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-39341
"FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition. Affected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2, Zerona / Zerona PLUS versions 3.2.32 to 3.2.36, ActSecure χ versions 3.4.0 to 3.4.6 and 3.5.0, Dual Safe Powered by FFRI yarai version 1.4.1, EDR Plus Pack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0), and EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0).

3.3 /10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://jvn.jp/en/jp/JVN42527152/ Third Party Advisory
https://www.ffri.jp/security-info/index.htm Vendor Advisory
https://www.skyseaclientview.net/news/230807_01/ Third Party Advisory
https://www.soliton.co.jp/support/zerona_notice_2023.html Third Party Advisory
https://www.sourcenext.com/support/i/2023/230718_01 Third Party Advisory
https://www.support.nec.co.jp/View.aspx?id=3140109240 Permissions Required
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ffri:dual_safe:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:ffri:ffri_yarai:*:*:*:*:-:*:*:*
cpe:2.3:a:ffri:ffri_yarai:1.4.0:*:*:*:home_and_business:*:*:*
cpe:2.3:a:ffri:ffri_yarai:3.5.0:*:*:*:-:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:soliton:infotrace_mark_ii_malware_protection:*:*:*:*:*:*:*:*
cpe:2.3:a:soliton:zerona:*:*:*:*:*:*:*:*
cpe:2.3:a:soliton:zerona_plus:*:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:nec:actsecure_x_managed_security_service:*:*:*:*:*:*:*:*
cpe:2.3:a:nec:actsecure_x_managed_security_service:3.5.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:skygroup:edr_plus_pack:*:*:*:*:*:*:*:*
cpe:2.3:a:skygroup:edr_plus_pack:3.5.0:*:*:*:*:*:*:*
cpe:2.3:a:skygroup:edr_plus_pack_cloud:*:*:*:*:*:*:*:*
cpe:2.3:a:skygroup:edr_plus_pack_cloud:3.5.0:*:*:*:*:*:*:*
History

No history.

Information

Published : 2023-08-09 03:15

Updated : 2023-11-07 04:17

NVD link : CVE-2023-39341

Mitre link : CVE-2023-39341

CVE.ORG link : CVE-2023-39341

JSON object : View

Products Affected

soliton

  • zerona_plus
  • infotrace_mark_ii_malware_protection
  • zerona

nec

  • actsecure_x_managed_security_service

skygroup

  • edr_plus_pack
  • edr_plus_pack_cloud

ffri

  • dual_safe
  • ffri_yarai
CWE
CWE-755

Improper Handling of Exceptional Conditions