BetaIT-Hub is in early access — your feedback helps us improve. Use the chat or email [email protected]

News Vulnerability
VulnerabilityCISA·22d ago

Fuji Electric Tellus

p a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-132-01.json" strong View CSAF /strong /a /p h2 Summary /h2 p strong Successful exploitation of this vulnerability could allow an attacker to elevate privileges from user to system, which may then enable the attacker to cause a temporary denial of service, open files, or delete files. /strong /p p The following versions of Fuji Electric Tellus are affected: /p ul li Tellus 5.0.2 /li /ul div class="csaf-table" table class="tablesaw tablesaw-stack" data-tablesaw-mode="stack" data-tablesaw-minimap thead tr th role="columnheader" data-tablesaw-priority="persist" CVSS /th th role="columnheader" Vendor /th th role="columnheader" Equipment /th th role="columnheader" Vulnerabilities /th /tr /thead tbody tr td v3 7.8 /td td Fuji Electric /td td Fuji Electric Tellus /td td Exposed Dangerous Method or Function /td /tr /tbody /table /div h3 Background /h3 ul li strong Critical Infrastructure Sectors: /strong Critical Manufacturing /li li strong Countries/Areas Deployed: /strong Worldwide /li li strong Company Headquarters Location: /strong Japan /li /ul hr h2 Vulnerabilities /h2 div class="csaf-accordion" p a class="csaf-accordion-toggle-all" href="#" Expand All + /a /p div class="csaf-accordion-item" h3 a class="csaf-accordion-toggle" href="#" CVE-2026-8108 /a /h3 div class="csaf-accordion-content" p The installation of Fuji Tellus adds a driver to the kernel which grants all users read and write permissions. /p p a href="https://www.cve.org/CVERecord?id=CVE-2026-8108" View CVE Details /a /p hr h4 Affected Products /h4 h5 Fuji Electric Tellus /h5 div class="ics-vendor-version-status" div class="ics-vendor" strong Vendor: /strong br Fuji Electric /div div class="ics-version" strong Product Version: /strong br Fuji Electric Tellus: 5.0.2 /div div class="ics-status" strong Product Status: /strong br known_affected /div /div div class="ics-remediations" h6 Remediations /h6 p strong Vendor fix /strong br Fuji Electric recommends that Tellus be installed only with administrator privileges. /p /div p strong Relevant CWE: /strong a href="https://cwe.mitre.org/data/definitions/749.html" CWE-749 Exposed Dangerous Method or Function /a /p hr h4 Metrics /h4 div class="csaf-table csaf-metrics-table" table class="tablesaw tablesaw-stack" data-tablesaw-mode="stack" data-tablesaw-minimap thead tr th role="columnheader" data-tablesaw-priority="persist" CVSS Version /th th role="columnheader" Base Score /th th role="columnheader" Base Severity /th th role="columnheader" Vector String /th /tr /thead tbody tr td 3.1 /td td 7.8 /td td HIGH /td td a href="https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H /a /td /tr /tbody /table /div /div /div /div hr h2 Acknowledgments /h2 ul li Kim Myung-gyu of Trend Micro Zero Day Initiative reported this vulnerability to CISA /li /ul hr h2 Legal Notice and Terms of Use /h2 p

Sign in to read the full article

Create a free account to access all news, downloads, and community features

Sign inCreate account

Originally published by CISA

Source: https://www.cisa.gov/news-events/ics-advisories/icsa-26-132-01

This article is shared for informational purposes. All rights belong to the original author and publisher. If you are the copyright holder and would like this content removed, please contact us.

Shared on IT-Hub by admin