CHOCO TEI WATCHER mini is a software used for monitoring and controlling the behavior of certain devices. It's not widely known outside of specific industries, but it poses a risk if exploited due to its potential to consume system resources abnormally when in a specific communication state.
You're affected if you use CHOCO TEI WATCHER mini version 1.0.2 or earlier. Check with: ls /usr/local/bin/choco-tei-watchermi (Note: This check command is specific to Unix-based systems and may not work on other operating systems.)
If you don't recognize the name "CHOCO TEI WATCHER mini," you're probably not affected, as it's a niche software used by specific organizations.
Version info: Not specified in the advisory.
Upgrade to version 1.0.3 or later from the official website: https://www.inaba.co.jp/files/chocomini_vulnerability_newly_identified.pdf
- Immediate mitigations:
- Restrict network access to your CHOCO TEI WATCHER mini instance (firewall it from the public internet)
- Audit system resource consumption for suspicious patterns