CVE-2023-39341
First published: Wed Aug 09 2023(Updated: )
"FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition. Affected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2, Zerona / Zerona PLUS versions 3.2.32 to 3.2.36, ActSecure ? versions 3.4.0 to 3.4.6 and 3.5.0, Dual Safe Powered by FFRI yarai version 1.4.1, EDR Plus Pack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0), and EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0).
Credit: vultures@jpcert.or.jp vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ffri Dual Safe | =1.4.1 | |
| Ffri Ffri Yarai | >=3.4.0<=3.4.6 | |
| Ffri Ffri Yarai | =1.4.0 | |
| Ffri Ffri Yarai | =3.5.0 | |
| Soliton Infotrace Mark Ii Malware Protection | >=3.0.1<=3.2.2 | |
| Soliton Zerona | >=3.2.32<=3.2.36 | |
| Soliton Zerona Plus | >=3.2.32<=3.2.36 | |
| Nec Actsecure X Managed Security Service | >=3.4.0<=3.4.6 | |
| Nec Actsecure X Managed Security Service | =3.5.0 | |
| Skygroup Edr Plus Pack | >=3.4.0<=3.4.6 | |
| Skygroup Edr Plus Pack | =3.5.0 | |
| Skygroup Edr Plus Pack Cloud | >=3.4.0<=3.4.6 | |
| Skygroup Edr Plus Pack Cloud | =3.5.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-39341.
What is the severity of CVE-2023-39341?
The severity of CVE-2023-39341 is low, with a severity value of 3.3.
Which products are affected by CVE-2023-39341?
The affected products for CVE-2023-39341 include FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, and various OEM products.
How does CVE-2023-39341 impact the affected products?
CVE-2023-39341 can lead to a denial-of-service (DoS) condition in the affected products.
Are there any references available for CVE-2023-39341?
Yes, you can find references for CVE-2023-39341 at the following links: [Reference 1](https://jvn.jp/en/jp/JVN42527152/), [Reference 2](https://www.ffri.jp/security-info/index.htm), [Reference 3](https://www.skyseaclientview.net/news/230807_01/).
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/ffri
- canonical/ffri dual safe
- version/ffri dual safe/1.4.1
- canonical/ffri ffri yarai
- version/ffri ffri yarai/3.4.0
- version/ffri ffri yarai/3.4.6
- version/ffri ffri yarai/1.4.0
- version/ffri ffri yarai/3.5.0
- vendor/soliton
- canonical/soliton infotrace mark ii malware protection
- version/soliton infotrace mark ii malware protection/3.0.1
- version/soliton infotrace mark ii malware protection/3.2.2
- canonical/soliton zerona
- version/soliton zerona/3.2.32
- version/soliton zerona/3.2.36
- canonical/soliton zerona plus
- version/soliton zerona plus/3.2.32
- version/soliton zerona plus/3.2.36
- vendor/nec
- canonical/nec actsecure x managed security service
- version/nec actsecure x managed security service/3.4.0
- version/nec actsecure x managed security service/3.4.6
- version/nec actsecure x managed security service/3.5.0
- vendor/skygroup
- canonical/skygroup edr plus pack
- version/skygroup edr plus pack/3.4.0
- version/skygroup edr plus pack/3.4.6
- version/skygroup edr plus pack/3.5.0
- canonical/skygroup edr plus pack cloud
- version/skygroup edr plus pack cloud/3.4.0
- version/skygroup edr plus pack cloud/3.4.6
- version/skygroup edr plus pack cloud/3.5.0