CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-34266 – Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-34266
31 May 2023 — Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FPJ files. The issue results from the lack of proper validation of user-supplied data, which can result ... • https://www.zerodayinitiative.com/advisories/ZDI-23-764 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-34273 – Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-34273
31 May 2023 — Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FPJ files. The issue results from the lack of proper validation of user-supplied data, which can result ... • https://www.zerodayinitiative.com/advisories/ZDI-23-771 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2866 – FATEK Automation FvDesigner Out-of-bounds Write
https://notcve.org/view.php?id=CVE-2022-2866
25 Aug 2022 — FATEK FvDesigner version 1.5.103 and prior is vulnerable to an out-of-bounds write while processing project files. If a valid user is tricked into using maliciously crafted project files, an attacker could achieve arbitrary code execution. FATEK FvDesigner versión 1.5.103 y anteriores, es vulnerable a una escritura fuera de límites mientras son procesados archivos de proyecto. Si es engañado a un usuario válido para que use archivos de proyecto mal diseñados, un atacante podría lograr una ejecución de códig... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-237-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-25170 – ICSA-22-055-01 FATEK Automation FvDesigner
https://notcve.org/view.php?id=CVE-2022-25170
25 Feb 2022 — The affected product is vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code El producto afectado es vulnerable a un desbordamiento del búfer en la región stack de la memoria mientras procesa archivos de proyecto, lo que puede permitir a un atacante ejecutar código arbitrario • https://www.cisa.gov/uscert/ics/advisories/icsa-22-055-01 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-21209 – ICSA-22-055-01 FATEK Automation FvDesigner
https://notcve.org/view.php?id=CVE-2022-21209
25 Feb 2022 — The affected product is vulnerable to an out-of-bounds read while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution. El producto afectado es vulnerable a una lectura fuera de límites mientras son procesados archivos de proyecto, lo que permite a un atacante diseñar un archivo de proyecto que permita una ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Auto... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-055-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23985 – ICSA-22-055-01 FATEK Automation FvDesigner
https://notcve.org/view.php?id=CVE-2022-23985
25 Feb 2022 — The affected product is vulnerable to an out-of-bounds write while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution. El producto afectado es vulnerable a una escritura fuera de límites mientras procesa archivos de proyecto, lo que permite a un atacante diseñar un archivo de proyecto que permita la ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automatio... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-055-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43554 – FATEK Automation WinProladder
https://notcve.org/view.php?id=CVE-2021-43554
28 Dec 2021 — FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code. FATEK WinProladder versiones 3.30_24518 y anteriores, son vulnerables a una escritura fuera de límites mientras son procesados archivos de proyecto, lo que puede permitir a un atacante ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation WinProla... • https://us-cert.cisa.gov/ics/advisories/icsa-21-320-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43556 – FATEK Automation WinProladder
https://notcve.org/view.php?id=CVE-2021-43556
28 Dec 2021 — FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code. Las versiones 3.30_24518 y anteriores de FATEK WinProladder son vulnerables a un desbordamiento del búfer en la región stack de la memoria mientras son procesados archivos de proyecto, lo que puede permitir a un atacante ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected... • https://us-cert.cisa.gov/ics/advisories/icsa-21-320-01 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38436 – FATEK Automation WinProladder
https://notcve.org/view.php?id=CVE-2021-38436
18 Oct 2021 — FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a memory-corruption condition. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. FATEK Automation WinProladder versiones 3.30 y anteriores, no comprueba correctamente los datos suministrados por el usuario cuando analiza los archivos de proyecto, que podría resultar en una condición de corrupción de ... • https://us-cert.cisa.gov/ics/advisories/icsa-21-280-06 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-38432 – FATEK Automation Communication Server
https://notcve.org/view.php?id=CVE-2021-38432
14 Oct 2021 — FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code. FATEK Automation Communication Server versiones anteriores a 1.13, no comprueban correctamente los datos suministrados por el usuario, que podría resultar en una condición de desbordamiento del búfer en la región stack de la memoria y permitir a un atacante ejecutar código de forma remota Thi... • https://us-cert.cisa.gov/ics/advisories/icsa-21-280-07 • CWE-121: Stack-based Buffer Overflow •