Lucene search
HistoryAug 31, 2022 - 4:15 p.m.
CVE-2022-2866
fatek
fvdesigner
cve-2022-2866
vulnerability
arbitrary code execution
nvd
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
34.7%
FATEK FvDesigner version 1.5.103 and prior is vulnerable to an out-of-bounds write while processing project files. If a valid user is tricked into using maliciously crafted project files, an attacker could achieve arbitrary code execution.
Affected configurations
Node
fatekfvdesignerRange≤1.5.103
| CPE | Name | Operator | Version |
|---|---|---|---|
| fatek:fvdesigner | fatek fvdesigner | le | 1.5.103 |
CNA Affected
[
{
"product": "FvDesigner",
"vendor": "FATEK Automation",
"versions": [
{
"lessThanOrEqual": "1.5.103",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Social References
More
Related
zdi
zdi
prion
prion
Out-of-bounds
2022-08-31 16:15:00
cvelist
cvelist
CVE-2022-2866 FATEK Automation FvDesigner Out-of-bounds Write
2022-08-31 15:59:34
nvd
nvd
CVE-2022-2866
2022-08-31 16:15:11
ics
ics
FATEK Automation FvDesigner
2022-08-25 12:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
34.7%
Related for CVE-2022-2866