CVE-2024-47135
 
Exploited in Wild: 0
Descriptions
Stack-based buffer overflow vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files.
SSVC
- Decision: Track*
Timeline
- 2024-09-18 CVE Reserved
- 2024-10-03 CVE Published
- 2024-10-03 CVE Updated
- 2024-10-16 EPSS Updated
CWE
- CWE-121: Stack-based Buffer Overflow
References (3)
- https://jvn.jp/en/vu/JVNVU92808077
- https://www.electronics.jtekt.co.jp/en/topics/202410026928
- https://www.electronics.jtekt.co.jp/jp/topics/2024100217388
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
JTEKT ELECTRONICS CORPORATION | Kostac PLC Programming Software (Former Name Koyo PLC Programming Software) | 1.6.14.0 | en | Affected |