CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7013
https://notcve.org/view.php?id=CVE-2024-7013
Stack-based buffer overflow in Control FPWIN Pro version 7.7.2.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file. • https://industry.panasonic.com/jp/ja/products/fasys/plc/software/fpwinpro7 https://industry.panasonic.eu/products/automation-devices-solutions/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28730
https://notcve.org/view.php?id=CVE-2023-28730
A memory corruption vulnerability Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. • https://industry.panasonic.eu/factory-automation/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28729
https://notcve.org/view.php?id=CVE-2023-28729
A type confusion vulnerability in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. • https://industry.panasonic.eu/factory-automation/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28728
https://notcve.org/view.php?id=CVE-2023-28728
A stack-based buffer overflow in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. • https://industry.panasonic.eu/factory-automation/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-6532 – Panasonic Control FPWIN PRO Project File Parsing sc_obj Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-6532
Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution. Panasonic FPWIN Pro, versión 7.3.0.0 y anteriores, permite que los archivos de proyecto creados por el atacante sean cargados por un usuario identificado que desencadena errores de tipo incompatible porque el recurso no presenta propiedades esperadas. Esto puede conducir a la ejecución de código remota. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Panasonic Control FPWin Pro. • http://www.securityfocus.com/bid/108683 https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02 https://www.zerodayinitiative.com/advisories/ZDI-19-566 https://www.zerodayinitiative.com/advisories/ZDI-19-568 https://www.zerodayinitiative.com/advisories/ZDI-19-570 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •