14 results (0.002 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-7013

https://notcve.org/view.php?id=CVE-2024-7013

21 Aug 2024 — Stack-based buffer overflow in Control FPWIN Pro version 7.7.2.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file. • https://industry.panasonic.com/jp/ja/products/fasys/plc/software/fpwinpro7 • CWE-121: Stack-based Buffer Overflow •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-6315

https://notcve.org/view.php?id=CVE-2023-6315

19 Dec 2023 — Out-of-bouds read vulnerability in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file. Una vulnerabilidad de lectura fuera de los límites en FPWin Pro versión 7.7.0.0 y todas las versiones anteriores puede permitir a los atacantes ejecutar código arbitrario a través de un archivo de proyecto especialmente manipulado. • https://industry.panasonic.eu/products/automation-devices-solutions/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-6314

https://notcve.org/view.php?id=CVE-2023-6314

19 Dec 2023 — Stack-based buffer overflow in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file. El desbordamiento de búfer en la región stack de la memoria en FPWin Pro versión 7.7.0.0 y todas las versiones anteriores puede permitir a los atacantes ejecutar código arbitrario a través de un archivo de proyecto especialmente manipulado. • https://industry.panasonic.eu/products/automation-devices-solutions/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-28730

https://notcve.org/view.php?id=CVE-2023-28730

21 Jul 2023 — A memory corruption vulnerability Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. • https://industry.panasonic.eu/factory-automation/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-28729

https://notcve.org/view.php?id=CVE-2023-28729

21 Jul 2023 — A type confusion vulnerability in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. • https://industry.panasonic.eu/factory-automation/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-28728

https://notcve.org/view.php?id=CVE-2023-28728

21 Jul 2023 — A stack-based buffer overflow in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. • https://industry.panasonic.eu/factory-automation/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-32972

https://notcve.org/view.php?id=CVE-2021-32972

09 Jul 2021 — Panasonic FPWIN Pro, all Versions 7.5.1.1 and prior, allows an attacker to craft a project file specifying a URI that causes the XML parser to access the URI and embed the contents, which may allow the attacker to disclose information that is accessible in the context of the user executing software. Panasonic FPWIN Pro, todas las versiones 7.5.1.1 y anteriores, permite a un atacante diseñar un archivo de proyecto especificando un URI que causa al analizador XML acceder al URI e insertar el contenido, lo que... • https://us-cert.cisa.gov/ics/advisories/icsa-21-180-03 • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-16236 – anasonic FPWIN Pro

https://notcve.org/view.php?id=CVE-2020-16236

14 Jan 2021 — FPWIN Pro is vulnerable to an out-of-bounds read vulnerability when a user opens a maliciously crafted project file, which may allow an attacker to remotely execute arbitrary code. FPWIN Pro es suceptible a una vulnerabilidad de lectura fuera de límites cuando un usuario abre un archivo de proyecto diseñado con fines maliciosos, lo que puede permitir a un atacante ejecutar código arbitrario remotamente This vulnerability allows remote attackers to execute arbitrary code on affected installations of Panasoni... • https://us-cert.cisa.gov/ics/advisories/icsa-21-005-02 • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-6532 – Panasonic Control FPWIN PRO Project File Parsing sc_obj Type Confusion Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2019-6532

07 Jun 2019 — Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution. Panasonic FPWIN Pro, versión 7.3.0.0 y anteriores, permite que los archivos de proyecto creados por el atacante sean cargados por un usuario identificado que desencadena errores de tipo incompatible porque el recurso no presenta propiedades esperadas. Esto p... • http://www.securityfocus.com/bid/108683 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0

CVE-2019-6530 – Panasonic Control FPWIN PRO Project File Parsing sc_app Heap-based Buffer Overflow Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2019-6530

07 Jun 2019 — Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user causing heap-based buffer overflows, which may lead to remote code execution. Panasonic FPWIN Pro, versión 7.3.0.0 y anteriores permite que los archivos de proyecto creados por el atacante sean cargados por un usuario autorizado causando desbordamientos de búfer en la región heap de la memoria, lo que puede conducir a la ejecución de código remota. This vulnerability allows remote attack... • http://www.securityfocus.com/bid/108683 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •