CVE-2023-3471
https://notcve.org/view.php?id=CVE-2023-3471
Buffer overflow vulnerability in Panasonic KW Watcher versions 1.00 through 2.82 may allow attackers to execute arbitrary code. La vulnerabilidad de desbordamiento de búfer en las versiones 1.00 a 2.82 de Panasonic KW Watcher puede permitir a los atacantes ejecutar código arbitrario. • https://www3.panasonic.biz/ac/e/fasys/software_info/eco/kwwatcher_versioninfo.jsp https://www3.panasonic.biz/ac/j/fasys/software_info/eco/tol_kwwatcher.jsp • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-28730
https://notcve.org/view.php?id=CVE-2023-28730
A memory corruption vulnerability Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. • https://industry.panasonic.eu/factory-automation/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2023-28729
https://notcve.org/view.php?id=CVE-2023-28729
A type confusion vulnerability in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. • https://industry.panasonic.eu/factory-automation/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2023-28728
https://notcve.org/view.php?id=CVE-2023-28728
A stack-based buffer overflow in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. • https://industry.panasonic.eu/factory-automation/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2023-28727
https://notcve.org/view.php?id=CVE-2023-28727
Panasonic AiSEG2 versions 2.00J through 2.93A allows adjacent attackers bypass authentication due to mishandling of X-Forwarded-For headers. • https://www2.panasonic.biz/jp/densetsu/aiseg/firmup_info.html • CWE-287: Improper Authentication •