Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for FFRI AMC for ActSecure χ by NEC Corporation

    CVE-2024-40895 (GCVE-0-2024-40895)

    Vulnerability from nvd – Published: 2024-07-30 08:37 – Updated: 2024-08-02 04:39
    VLAI
    Summary
    FFRI AMC versions 3.4.0 to 3.5.3 and some OEM products that implement/bundle FFRI AMC versions 3.4.0 to 3.5.3 allow a remote unauthenticated attacker to execute arbitrary OS commands when certain conditions are met in an environment where the notification program setting is enabled and the executable file path is set to a batch file (.bat) or command file (.cmd) extension.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • OS command injection
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    FFRI Security, Inc. FFRI AMC Affected: 3.4.0 to 3.5.3
    Create a notification for this product.
    NEC Corporation FFRI AMC for ActSecure χ Affected: 3.4.0 to 3.5.3
    Create a notification for this product.
    Sky Co., Ltd. EDR Plus Pack Affected: Bundled FFRI AMC versions 3.4.0 to 3.5.3
    Create a notification for this product.
    ffri ffri_amc Affected: 3.4.0 , < 3.5.3 (custom)
        cpe:2.3:a:ffri:ffri_amc:3.4.0:*:*:*:*:*:*:*
    Create a notification for this product.
    skygroup edr_plus_pack Affected: 3.4.0 , < 3.5.3 (custom)
        cpe:2.3:a:skygroup:edr_plus_pack:3.4.0:*:*:*:*:*:*:*
    Create a notification for this product.
    skygroup edr_plus_pack_cloud Affected: 3.4.0 , < 3.5.3 (custom)
        cpe:2.3:a:skygroup:edr_plus_pack_cloud:3.4.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:ffri:ffri_amc:3.4.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ffri_amc",
                "vendor": "ffri",
                "versions": [
                  {
                    "lessThan": "3.5.3",
                    "status": "affected",
                    "version": "3.4.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:skygroup:edr_plus_pack:3.4.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "edr_plus_pack",
                "vendor": "skygroup",
                "versions": [
                  {
                    "lessThan": "3.5.3",
                    "status": "affected",
                    "version": "3.4.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:skygroup:edr_plus_pack_cloud:3.4.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "edr_plus_pack_cloud",
                "vendor": "skygroup",
                "versions": [
                  {
                    "lessThan": "3.5.3",
                    "status": "affected",
                    "version": "3.4.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "LOW",
                  "baseScore": 6.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-40895",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-30T14:16:27.684515Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-31T17:31:56.655Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:39:55.373Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.ffri.jp/assets/files/other_docs/20240729.pdf"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.support.nec.co.jp/View.aspx?id=3140109694"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.skyseaclientview.net/news/240729_01/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN26734798/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "FFRI AMC",
              "vendor": "FFRI Security, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.0 to 3.5.3"
                }
              ]
            },
            {
              "product": "FFRI AMC for ActSecure \u03c7",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.0 to 3.5.3"
                }
              ]
            },
            {
              "product": "EDR Plus Pack",
              "vendor": "Sky Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Bundled FFRI AMC versions 3.4.0 to 3.5.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "FFRI AMC versions 3.4.0 to 3.5.3 and some OEM products that implement/bundle FFRI AMC versions 3.4.0 to 3.5.3 allow a remote unauthenticated attacker to execute arbitrary OS commands when certain conditions are met in an environment where the notification program setting is enabled and the executable file path is set to a batch file (.bat) or command file (.cmd) extension."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "OS command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-30T08:37:07.607Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.ffri.jp/assets/files/other_docs/20240729.pdf"
            },
            {
              "url": "https://www.support.nec.co.jp/View.aspx?id=3140109694"
            },
            {
              "url": "https://www.skyseaclientview.net/news/240729_01/"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN26734798/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2024-40895",
        "datePublished": "2024-07-30T08:37:07.607Z",
        "dateReserved": "2024-07-12T03:00:58.480Z",
        "dateUpdated": "2024-08-02T04:39:55.373Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-40895 (GCVE-0-2024-40895)

    Vulnerability from cvelistv5 – Published: 2024-07-30 08:37 – Updated: 2024-08-02 04:39
    VLAI
    Summary
    FFRI AMC versions 3.4.0 to 3.5.3 and some OEM products that implement/bundle FFRI AMC versions 3.4.0 to 3.5.3 allow a remote unauthenticated attacker to execute arbitrary OS commands when certain conditions are met in an environment where the notification program setting is enabled and the executable file path is set to a batch file (.bat) or command file (.cmd) extension.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • OS command injection
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    FFRI Security, Inc. FFRI AMC Affected: 3.4.0 to 3.5.3
    Create a notification for this product.
    NEC Corporation FFRI AMC for ActSecure χ Affected: 3.4.0 to 3.5.3
    Create a notification for this product.
    Sky Co., Ltd. EDR Plus Pack Affected: Bundled FFRI AMC versions 3.4.0 to 3.5.3
    Create a notification for this product.
    ffri ffri_amc Affected: 3.4.0 , < 3.5.3 (custom)
        cpe:2.3:a:ffri:ffri_amc:3.4.0:*:*:*:*:*:*:*
    Create a notification for this product.
    skygroup edr_plus_pack Affected: 3.4.0 , < 3.5.3 (custom)
        cpe:2.3:a:skygroup:edr_plus_pack:3.4.0:*:*:*:*:*:*:*
    Create a notification for this product.
    skygroup edr_plus_pack_cloud Affected: 3.4.0 , < 3.5.3 (custom)
        cpe:2.3:a:skygroup:edr_plus_pack_cloud:3.4.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:ffri:ffri_amc:3.4.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ffri_amc",
                "vendor": "ffri",
                "versions": [
                  {
                    "lessThan": "3.5.3",
                    "status": "affected",
                    "version": "3.4.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:skygroup:edr_plus_pack:3.4.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "edr_plus_pack",
                "vendor": "skygroup",
                "versions": [
                  {
                    "lessThan": "3.5.3",
                    "status": "affected",
                    "version": "3.4.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:skygroup:edr_plus_pack_cloud:3.4.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "edr_plus_pack_cloud",
                "vendor": "skygroup",
                "versions": [
                  {
                    "lessThan": "3.5.3",
                    "status": "affected",
                    "version": "3.4.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "LOW",
                  "baseScore": 6.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-40895",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-30T14:16:27.684515Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-31T17:31:56.655Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:39:55.373Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.ffri.jp/assets/files/other_docs/20240729.pdf"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.support.nec.co.jp/View.aspx?id=3140109694"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.skyseaclientview.net/news/240729_01/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN26734798/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "FFRI AMC",
              "vendor": "FFRI Security, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.0 to 3.5.3"
                }
              ]
            },
            {
              "product": "FFRI AMC for ActSecure \u03c7",
              "vendor": "NEC Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.0 to 3.5.3"
                }
              ]
            },
            {
              "product": "EDR Plus Pack",
              "vendor": "Sky Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Bundled FFRI AMC versions 3.4.0 to 3.5.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "FFRI AMC versions 3.4.0 to 3.5.3 and some OEM products that implement/bundle FFRI AMC versions 3.4.0 to 3.5.3 allow a remote unauthenticated attacker to execute arbitrary OS commands when certain conditions are met in an environment where the notification program setting is enabled and the executable file path is set to a batch file (.bat) or command file (.cmd) extension."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "OS command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-30T08:37:07.607Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.ffri.jp/assets/files/other_docs/20240729.pdf"
            },
            {
              "url": "https://www.support.nec.co.jp/View.aspx?id=3140109694"
            },
            {
              "url": "https://www.skyseaclientview.net/news/240729_01/"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN26734798/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2024-40895",
        "datePublished": "2024-07-30T08:37:07.607Z",
        "dateReserved": "2024-07-12T03:00:58.480Z",
        "dateUpdated": "2024-08-02T04:39:55.373Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }