CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-32992
https://notcve.org/view.php?id=CVE-2021-32992
FATEK Automation WinProladder Versions 3.30 and prior do not properly restrict operations within the bounds of a memory buffer, which may allow an attacker to execute arbitrary code. FATEK Automation WinProladder Versiones 3.30 y anteriores, no restringen apropiadamente las operaciones dentro de los límites de un buffer de memoria, lo que puede permitir a un atacante ejecutar código arbitrario • https://us-cert.cisa.gov/ics/advisories/icsa-21-175-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-32990
https://notcve.org/view.php?id=CVE-2021-32990
FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code. FATEK Automation WinProladder Versiones 3.30 y anteriores, son vulnerables a una lectura fuera de límites, lo que puede permitir a un atacante ejecutar código arbitrario • https://us-cert.cisa.gov/ics/advisories/icsa-21-175-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-27486
https://notcve.org/view.php?id=CVE-2021-27486
FATEK Automation WinProladder Versions 3.30 and prior is vulnerable to an integer underflow, which may cause an out-of-bounds write and allow an attacker to execute arbitrary code. Fatek Automation WinProladder versiones 3.30 y anteriores, es vulnerable a un subdesbordamiento de enteros, que puede causar una escritura fuera de límites y permitir a un atacante ejecutar código arbitrario • https://us-cert.cisa.gov/ics/advisories/icsa-21-098-01 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-16234 – FATEK Automation PLC WinProladder
https://notcve.org/view.php?id=CVE-2020-16234
In PLC WinProladder Version 3.28 and prior, a stack-based buffer overflow vulnerability can be exploited when a valid user opens a specially crafted file, which may allow an attacker to remotely execute arbitrary code. En PLC WinProladder versión 3.28 y anteriores, se puede aprovechar una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria cuando un usuario válido abre un archivo especialmente diseñado, lo que puede permitir a un atacante ejecutar código arbitrario de forma remota • https://us-cert.cisa.gov/ics/advisories/icsa-20-254-02 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.0EPSS: 6%CPEs: 2EXPL: 1CVE-2016-8377 – Fatek Automation PLC WinProladder Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-8377
An issue was discovered in Fatek Automation PLC WinProladder Version 3.11 Build 14701. A stack-based buffer overflow vulnerability exists when the software application connects to a malicious server, resulting in a stack buffer overflow. This causes an exploitable Structured Exception Handler (SEH) overwrite condition that may allow remote code execution. Ha sido descubierto un problema en Fatek Automation PLC WinProladder Version 3.11 Build 14701. Una vulnerabilidad de desbordamiento de búfer basado en pila existe cuando la aplicación de software se conecta a un servidor malicioso, resultando en un desbordamiento de búfer en pila. • https://www.exploit-db.com/exploits/42700 http://www.securityfocus.com/bid/94938 https://ics-cert.us-cert.gov/advisories/ICSA-16-350-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •