CVE-2023-39341

LOW

Ffri Dual Safe < 3.4.6 - Improper Exception Handling

Title source: rule

Description

"FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition. Affected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2, Zerona / Zerona PLUS versions 3.2.32 to 3.2.36, ActSecure χ versions 3.4.0 to 3.4.6 and 3.5.0, Dual Safe Powered by FFRI yarai version 1.4.1, EDR Plus Pack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0), and EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0).

References (6)

[Third Party Advisory] https://jvn.jp/en/jp/JVN42527152/

[Vendor Advisory] https://www.ffri.jp/security-info/index.htm

[Third Party Advisory] https://www.skyseaclientview.net/news/230807_01/

[Third Party Advisory] https://www.soliton.co.jp/support/zerona_notice_2023.html

[Third Party Advisory] https://www.sourcenext.com/support/i/2023/230718_01

[Permissions Required] https://www.support.nec.co.jp/View.aspx?id=3140109240

Scores

CVSS v3 3.3

EPSS 0.0003

EPSS Percentile 7.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-755

Status published

Products (13)

ffri/dual_safe 1.4.1

ffri/ffri_yarai 1.4.0

ffri/ffri_yarai 3.5.0

ffri/ffri_yarai 3.4.0 - 3.4.6

nec/actsecure_x_managed_security_service 3.5.0

nec/actsecure_x_managed_security_service 3.4.0 - 3.4.6

skygroup/edr_plus_pack 3.5.0

skygroup/edr_plus_pack 3.4.0 - 3.4.6

skygroup/edr_plus_pack_cloud 3.5.0

skygroup/edr_plus_pack_cloud 3.4.0 - 3.4.6

... and 3 more

Published Aug 09, 2023

Tracked Since Feb 18, 2026