Fuji Electric s Tellus Lite V-Simulator and V-Server Lite are both affected by the vulnerabilities, which all carry a CVSS severity rating of 7.8.8. The security bugs require low skill level to exploit, according to an advisory from the Cybersecurity and Infrastructure Security Agency (CISA) The bugs are not exploitable remotely, so non-local attackers would have to gain initial access to the user’s computer before carrying out any malicious activities. The worst-case scenario would be an attacker executing a file that could cause extensive damage to manufacturing equipment.
Source: https://threatpost.com/industrial-gear-fuji-code-execution-bugs/163490/