CVE-2023-39341

LOW EPSS 20.2%
Published Aug 9, 20232y ago · Modified Jun 17, 20262w ago
3.3 CVSS 3.1
Low
Find Similar
Published Aug 9, 2023 2y ago
Last Modified Jun 17, 2026 2w ago

Description

"FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition. Affected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2, Zerona / Zerona PLUS versions 3.2.32 to 3.2.36, ActSecure χ versions 3.4.0 to 3.4.6 and 3.5.0, Dual Safe Powered by FFRI yarai version 1.4.1, EDR Plus Pack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0), and EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0).

CVSS Details

Base Score
3.3
Exploitability
1.8
Impact
1.4
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Attack Vector Local
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality None
Integrity None
Availability Low

Threat Intelligence

EPSS Exploit Probability
20.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-755

Affected Products 13

VendorProductVersionRange
ffridual_safe1.4.1any
ffriffri_yarai*≥3.4.0  –  ≤3.4.6
ffriffri_yarai1.4.0any
ffriffri_yarai3.5.0any
solitoninfotrace_mark_ii_malware_protection*≥3.0.1  –  ≤3.2.2
solitonzerona*≥3.2.32  –  ≤3.2.36
solitonzerona_plus*≥3.2.32  –  ≤3.2.36
necactsecure_x_managed_security_service*≥3.4.0  –  ≤3.4.6
necactsecure_x_managed_security_service3.5.0any
skygroupedr_plus_pack*≥3.4.0  –  ≤3.4.6
skygroupedr_plus_pack3.5.0any
skygroupedr_plus_pack_cloud*≥3.4.0  –  ≤3.4.6
skygroupedr_plus_pack_cloud3.5.0any

References 6

  • jvn.jp https://jvn.jp/en/jp/JVN42527152/
    Third Party Advisory
  • ffri.jp https://www.ffri.jp/security-info/index.htm
    Vendor Advisory
  • skyseaclientview.net https://www.skyseaclientview.net/news/230807_01/
    Third Party Advisory
  • soliton.co.jp https://www.soliton.co.jp/support/zerona_notice_2023.html
    Third Party Advisory
  • sourcenext.com https://www.sourcenext.com/support/i/2023/230718_01
    Third Party Advisory
  • support.nec.co.jp https://www.support.nec.co.jp/View.aspx?id=3140109240
    Permissions Required

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.