CVE-2021-32992
https://notcve.org/view.php?id=CVE-2021-32992
FATEK Automation WinProladder Versions 3.30 and prior do not properly restrict operations within the bounds of a memory buffer, which may allow an attacker to execute arbitrary code. FATEK Automation WinProladder Versiones 3.30 y anteriores, no restringen apropiadamente las operaciones dentro de los límites de un buffer de memoria, lo que puede permitir a un atacante ejecutar código arbitrario • https://us-cert.cisa.gov/ics/advisories/icsa-21-175-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2021-32990
https://notcve.org/view.php?id=CVE-2021-32990
FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code. FATEK Automation WinProladder Versiones 3.30 y anteriores, son vulnerables a una lectura fuera de límites, lo que puede permitir a un atacante ejecutar código arbitrario • https://us-cert.cisa.gov/ics/advisories/icsa-21-175-01 • CWE-125: Out-of-bounds Read •
CVE-2021-27486
https://notcve.org/view.php?id=CVE-2021-27486
FATEK Automation WinProladder Versions 3.30 and prior is vulnerable to an integer underflow, which may cause an out-of-bounds write and allow an attacker to execute arbitrary code. Fatek Automation WinProladder versiones 3.30 y anteriores, es vulnerable a un subdesbordamiento de enteros, que puede causar una escritura fuera de límites y permitir a un atacante ejecutar código arbitrario • https://us-cert.cisa.gov/ics/advisories/icsa-21-098-01 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVE-2021-22683 – Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-22683
Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. Fatek FvDesigner versiones 1.5.76 y anteriores, es vulnerable a una escritura fuera de límites mientras procesa archivos de proyecto, lo que permite a un atacante diseñar un archivo de proyecto especial que puede permitir una ejecución de código arbitraria This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FPJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://us-cert.cisa.gov/ics/advisories/icsa-21-056-02 • CWE-787: Out-of-bounds Write •
CVE-2021-22638 – Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-22638
Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds read while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. Fatek FvDesigner versiones 1.5.76 y anteriores, es vulnerable a una lectura fuera de límites mientras procesa archivos de proyecto, permitiendo a un atacante diseñar un archivo de proyecto especial que puede permitir una ejecución de código arbitraria This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FPJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://us-cert.cisa.gov/ics/advisories/icsa-21-056-02 • CWE-125: Out-of-bounds Read •