{"api_version":"1","generated_at":"2026-04-23T06:19:58+00:00","cve":"CVE-2023-39341","urls":{"html":"https://cve.report/CVE-2023-39341","api":"https://cve.report/api/cve/CVE-2023-39341.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-39341","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-39341"},"summary":{"title":"CVE-2023-39341","description":"\"FFRI yarai\", \"FFRI yarai Home and Business Edition\" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition. \r\nAffected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2, Zerona / Zerona PLUS versions 3.2.32 to 3.2.36, ActSecure χ versions 3.4.0 to 3.4.6 and 3.5.0, Dual Safe Powered by FFRI yarai version 1.4.1, EDR Plus Pack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0), and EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0).","state":"PUBLIC","assigner":"vultures@jpcert.or.jp","published_at":"2023-08-09 03:15:00","updated_at":"2023-11-07 04:17:00"},"problem_types":["CWE-755"],"metrics":[],"references":[{"url":"https://www.skyseaclientview.net/news/230807_01/","name":"https://www.skyseaclientview.net/news/230807_01/","refsource":"MISC","tags":[],"title":"『EDRプラスパック』および『EDRプラスパックCloud』に同梱しているFFRI yaraiの脆弱性（CVE-2023-39341）｜ITセキュリティ対策とリスクの発見を支援 SKYSEA Client View","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://jvn.jp/en/jp/JVN42527152/","name":"https://jvn.jp/en/jp/JVN42527152/","refsource":"MISC","tags":[],"title":"JVN#42527152: \"FFRI yarai\" and \"FFRI yarai Home and Business Edition\" handle exceptional conditions improperly","mime":"text/xml","httpstatus":"200","archivestatus":"404"},{"url":"https://www.sourcenext.com/support/i/2023/230718_01","name":"https://www.sourcenext.com/support/i/2023/230718_01","refsource":"MISC","tags":[],"title":"「二重の安心 Powered by FFRI yarai」の脆弱性と修正完了に関するお知らせ(2023.08.07)HTMLタイトル｜ソースネクスト総合サポート","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.ffri.jp/security-info/index.htm","name":"https://www.ffri.jp/security-info/index.htm","refsource":"MISC","tags":[],"title":"【重要】製品の脆弱性対応｜株式会社ＦＦＲＩセキュリティ-サイバーセキュリティ、エンドポイントセキュリティ","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.support.nec.co.jp/View.aspx?id=3140109240","name":"https://www.support.nec.co.jp/View.aspx?id=3140109240","refsource":"MISC","tags":[],"title":"ログイン | NEC","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.soliton.co.jp/support/zerona_notice_2023.html","name":"https://www.soliton.co.jp/support/zerona_notice_2023.html","refsource":"MISC","tags":[],"title":"【重要】Zerona 特定条件下で(マルウェア防御/マルウェア対策)機能が一時停止する脆弱性について | サポート | ソリトンシステムズ","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-39341","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-39341","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"39341","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ffri","cpe5":"dual_safe","cpe6":"1.4.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"39341","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ffri","cpe5":"ffri_yarai","cpe6":"1.4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"home_and_business","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"39341","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ffri","cpe5":"ffri_yarai","cpe6":"3.5.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"-","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"39341","vulnerable":"1","versionEndIncluding":"3.4.6","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ffri","cpe5":"ffri_yarai","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"-","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"39341","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"nec","cpe5":"actsecure_x_managed_security_service","cpe6":"3.5.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"39341","vulnerable":"1","versionEndIncluding":"3.4.6","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"nec","cpe5":"actsecure_x_managed_security_service","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"39341","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"skygroup","cpe5":"edr_plus_pack","cpe6":"3.5.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"39341","vulnerable":"1","versionEndIncluding":"3.4.6","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"skygroup","cpe5":"edr_plus_pack","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"39341","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"skygroup","cpe5":"edr_plus_pack_cloud","cpe6":"3.5.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"39341","vulnerable":"1","versionEndIncluding":"3.4.6","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"skygroup","cpe5":"edr_plus_pack_cloud","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"39341","vulnerable":"1","versionEndIncluding":"3.2.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"soliton","cpe5":"infotrace_mark_ii_malware_protection","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"39341","vulnerable":"1","versionEndIncluding":"3.2.36","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"soliton","cpe5":"zerona","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"39341","vulnerable":"1","versionEndIncluding":"3.2.36","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"soliton","cpe5":"zerona_plus","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-39341","ASSIGNER":"vultures@jpcert.or.jp","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"\"FFRI yarai\", \"FFRI yarai Home and Business Edition\" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition. \r\nAffected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2, Zerona / Zerona PLUS versions 3.2.32 to 3.2.36, ActSecure χ versions 3.4.0 to 3.4.6 and 3.5.0, Dual Safe Powered by FFRI yarai version 1.4.1, EDR Plus Pack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0), and EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0)."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Improper check or handling of exceptional conditions"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"FFRI Security, Inc. ","product":{"product_data":[{"product_name":"FFRI yarai","version":{"version_data":[{"version_affected":"=","version_value":"versions 3.4.0 to 3.4.6 and 3.5.0"}]}},{"product_name":"FFRI yarai Home and Business Edition","version":{"version_data":[{"version_affected":"=","version_value":"version 1.4.0"}]}}]}},{"vendor_name":"Soliton Systems K.K.","product":{"product_data":[{"product_name":"InfoTrace Mark II Malware Protection (Mark II Zerona)","version":{"version_data":[{"version_affected":"=","version_value":"versions 3.0.1 to 3.2.2"}]}},{"product_name":"Zerona / Zerona PLUS","version":{"version_data":[{"version_affected":"=","version_value":" versions 3.2.32 to 3.2.36"}]}}]}},{"vendor_name":"NEC Corporation","product":{"product_data":[{"product_name":"ActSecure χ","version":{"version_data":[{"version_affected":"=","version_value":"versions 3.4.0 to 3.4.6 and 3.5.0"}]}}]}},{"vendor_name":"SOURCENEXT CORPORATION ","product":{"product_data":[{"product_name":"Dual Safe Powered by FFRI yarai","version":{"version_data":[{"version_affected":"=","version_value":"version 1.4.1"}]}}]}},{"vendor_name":"Sky Co., Ltd.","product":{"product_data":[{"product_name":"EDR Plus Pack","version":{"version_data":[{"version_affected":"=","version_value":"Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0"}]}},{"product_name":"EDR Plus Pack Cloud","version":{"version_data":[{"version_affected":"=","version_value":"Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0"}]}}]}}]}},"references":{"reference_data":[{"url":"https://www.ffri.jp/security-info/index.htm","refsource":"MISC","name":"https://www.ffri.jp/security-info/index.htm"},{"url":"https://www.soliton.co.jp/support/zerona_notice_2023.html","refsource":"MISC","name":"https://www.soliton.co.jp/support/zerona_notice_2023.html"},{"url":"https://www.support.nec.co.jp/View.aspx?id=3140109240","refsource":"MISC","name":"https://www.support.nec.co.jp/View.aspx?id=3140109240"},{"url":"https://www.sourcenext.com/support/i/2023/230718_01","refsource":"MISC","name":"https://www.sourcenext.com/support/i/2023/230718_01"},{"url":"https://www.skyseaclientview.net/news/230807_01/","refsource":"MISC","name":"https://www.skyseaclientview.net/news/230807_01/"},{"url":"https://jvn.jp/en/jp/JVN42527152/","refsource":"MISC","name":"https://jvn.jp/en/jp/JVN42527152/"}]}},"nvd":{"publishedDate":"2023-08-09 03:15:00","lastModifiedDate":"2023-11-07 04:17:00","problem_types":["CWE-755"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW","baseScore":3.3,"baseSeverity":"LOW"},"exploitabilityScore":1.8,"impactScore":1.4}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:ffri:ffri_yarai:1.4.0:*:*:*:home_and_business:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:ffri:ffri_yarai:*:*:*:*:-:*:*:*","versionStartIncluding":"3.4.0","versionEndIncluding":"3.4.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:ffri:ffri_yarai:3.5.0:*:*:*:-:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:ffri:dual_safe:1.4.1:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:soliton:zerona:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.32","versionEndIncluding":"3.2.36","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:soliton:zerona_plus:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.32","versionEndIncluding":"3.2.36","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:soliton:infotrace_mark_ii_malware_protection:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.1","versionEndIncluding":"3.2.2","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:nec:actsecure_x_managed_security_service:*:*:*:*:*:*:*:*","versionStartIncluding":"3.4.0","versionEndIncluding":"3.4.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:nec:actsecure_x_managed_security_service:3.5.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:skygroup:edr_plus_pack:*:*:*:*:*:*:*:*","versionStartIncluding":"3.4.0","versionEndIncluding":"3.4.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:skygroup:edr_plus_pack_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"3.4.0","versionEndIncluding":"3.4.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:skygroup:edr_plus_pack_cloud:3.5.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:skygroup:edr_plus_pack:3.5.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}