[Japanese]
|
JVNDB-2023-000080
|
"FFRI yarai" and "FFRI yarai Home and Business Edition" handle exceptional conditions improperly
|
"FFRI yarai" and "FFRI yarai Home and Business Edition" provided by FFRI Security, Inc. handle exceptional conditions improperly (CWE-703).
When the product's Windows Defender management feature is enabled, and Microsoft Defender detects some files matching specific conditions as a threat, the affected product may fail to handle this situation properly and stop working.
FFRI Security, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and FFRI Security, Inc. coordinated under the Information Security Early Warning Partnership.
|
CVSS V3 Severity: Base Metrics 4.3 (Medium) [IPA Score]
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: Low
CVSS V2 Severity: Base Metrics 4.3 (Medium) [IPA Score]
- Access Vector: Network
- Access Complexity: Medium
- Authentication: None
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: Partial
|
|
Sky Co., LTD.
- EDR Pluspack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0)
- EDR Pluspack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0)
SOURCENEXT CORPORATION
- Double Protection Powered by FFRI yarai version 1.4.1
FFRI Security, Inc.
- FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0
- FFRI yarai Home and Business Edition version 1.4.0
Soliton Systems K.K.
- InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2
- Zerona versions 3.2.32 to 3.2.36
- Zerona PLUS Anti-malware versions 3.2.32 to 3.2.36
NEC Corporation
- ActSecure X versions 3.4.0 to 3.4.6 and 3.5.0
|
|
The affected product may stop working, and remain stopped for 15 minutes in maximum.
Note that, even in such a situation, Microsoft Defender keeps working.
The developer states that the product can be recovered by either of the following.
* Restart the system where the product is running
* Wait for automatic recovery (15 minutes maximum)
|
[Update the software]
Update the software to the latest version according to the information provided by the developer.
The following versions are provided to address the vulnerability:
* FFRI Security, Inc.
FFRI yarai versions 3.4.7 or 3.5.3
FFRI yarai Home and Business Edition version 1.4.2
* Soliton Systems K.K.
InfoTrace Mark II Malware Protection (Mark II Zerona) version 3.2.4
* NEC Corporation
ActSecure chi version 3.5.3
* SOURCENEXT CORPORATION
Dual Safe Powered by FFRI yarai version 1.4.2
* Sky Co., Ltd.
EDR Plus Pack (Bundled FFRI yarai versions 3.4.7 or 3.5.3)
EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.7 or 3.5.3)
[Apply the Workaround]
The following workaround may mitigate the impact of this vulnerability.
* Disable the Windows Defender management feature
For more information, refer to the information provided by the developer.
|
Sky Co., LTD.
SOURCENEXT CORPORATION
FFRI Security, Inc.
Soliton Systems K.K.
NEC Corporation
|
- No Mapping(CWE-Other) [IPA Evaluation]
|
- CVE-2023-39341
|
- JVN : JVN#42527152
- National Vulnerability Database (NVD) : CVE-2023-39341
|
- [2023/08/07]
Web page was published
- [2023/08/31]
Solution was modified
- [2024/03/28]
References : Content was added
|