PatchSiren cyber security CVE debrief
CVE-2024-11800 Fuji Electric CVE debrief
A stack-based buffer overflow vulnerability exists in Fuji Electric Tellus Lite V-Simulator 5 (VS5Sim), a simulator component packaged with the TELLUS Lite HMI/SCADA software. The flaw occurs during parsing of V8 files when user-supplied data length is not properly validated before being copied to a fixed-length stack buffer. Successful exploitation requires user interaction—the target must open a malicious V8 file or visit a malicious page that triggers the vulnerable parsing routine. Code execution occurs in the context of the current process. The vulnerability was disclosed on December 3, 2024, with an update published on July 29, 2025, noting that TELLUS V4.0.22.0 was released to address related vulnerabilities CVE-2024-11802 and CVE-2024-11803. Fuji Electric has replaced V-SFT Ver5 with V-SFT Ver6 in newer TELLUS Lite versions, and VS6Sim includes input screening to prevent malicious file exploitation of this and related vulnerabilities.
- Vendor
- Fuji Electric
- Product
- Tellus Lite
- CVSS
- HIGH 7.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2024-12-03
- Original CVE updated
- 2025-07-29
- Advisory published
- 2024-12-03
- Advisory updated
- 2025-07-29
Who should care
OT security teams operating Fuji Electric Tellus Lite HMI/SCADA systems, industrial control system engineers, plant operators using V-Simulator for offline testing, and organizations with engineering workstations that process V8 project files from external sources.
Technical summary
The V-Simulator 5 component in Fuji Electric Tellus Lite fails to validate the length of user-supplied data when parsing V8 files, resulting in a stack-based buffer overflow. The vulnerable code copies data to a fixed-length stack buffer without bounds checking. Exploitation requires the target to open a crafted V8 file, yielding code execution in the current process context. Fuji Electric has addressed this by replacing V-SFT Ver5 with V-SFT Ver6 in newer releases; VS6Sim incorporates input screening to block malicious files targeting this vulnerability class.
Defensive priority
HIGH
Recommended defensive actions
- Upgrade to TELLUS Lite V4.0.22.0 or later which includes VS6Sim replacing the vulnerable VS5Sim component
- If immediate patching is not feasible, implement application whitelisting to prevent execution of untrusted V8 files
- Train operators to avoid opening V8 files from untrusted sources and to verify file origins before opening
- Deploy endpoint protection with behavioral monitoring focused on stack overflow detection in HMI/SCADA applications
- Segment OT networks containing Tellus Lite installations from untrusted networks to reduce attack surface for social engineering vectors
- Monitor for suspicious V8 file attachments in email and file transfer systems targeting engineering workstations
Evidence notes
Vulnerability description and remediation details sourced from CISA CSAF advisory ICSA-24-338-06. CVSS 3.1 vector confirms local attack vector with user interaction required. Revision history confirms Update A published 2025-07-29 with TELLUS V4.0.22.0 release information.
Official resources
-
CVE-2024-11800 CVE record
CVE.org
-
CVE-2024-11800 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2024-12-03