Lucene search
IcscertCVELIST:CVE-2021-38438HistoryOct 07, 2021 - 12:00 a.m.
CVE-2021-38438 FATEK Automation WinProladder
2021-10-0700:00:00
CWE-416
icscert
www.cve.org
1
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
51.6%
A use after free vulnerability in FATEK Automation WinProladder versions 3.30 and prior may be exploited when a valid user opens a malformed project file, which may allow arbitrary code execution.
CNA Affected
[
{
"product": "WinProladder",
"vendor": "FATEK Automation",
"versions": [
{
"lessThanOrEqual": "3.30",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2021-38438
2021-10-18 13:15:09
cnvd
cnvd
FATEK Automation WinProladder Resource Management Error Vulnerability
2021-10-08 00:00:00
prion
prion
Design/Logic Flaw
2021-10-18 13:15:00
cve
cve
CVE-2021-38438
2021-10-18 13:15:09
zdi
zdi
ics
ics
FATEK Automation WinProladder
2021-11-16 12:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
51.6%
Related for CVELIST:CVE-2021-38438