Lucene search
IcscertCVELIST:CVE-2022-21209HistoryFeb 25, 2022 - 6:10 p.m.
CVE-2022-21209 ICSA-22-055-01 FATEK Automation FvDesigner
2022-02-2518:10:54
CWE-125
icscert
www.cve.org
3
cve-2022-21209
icsa-22-055-01
fatek automation
out-of-bounds read
arbitrary code execution
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
57.6%
The affected product is vulnerable to an out-of-bounds read while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution.
CNA Affected
[
{
"product": "FvDesigner",
"vendor": "FATEK Automation",
"versions": [
{
"lessThanOrEqual": "1.5.100",
"status": "affected",
"version": "all",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2022-21209
2022-02-25 19:15:22
cnvd
cnvd
FATEK Automation FvDesigner Buffer Overflow Vulnerability (CNVD-2022-21227)
2022-02-25 00:00:00
nvd
nvd
CVE-2022-21209
2022-02-25 19:15:22
zdi
zdi
prion
prion
Out-of-bounds
2022-02-25 19:15:00
ics
ics
FATEK Automation FvDesigner
2022-02-24 12:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
57.6%
Related for CVELIST:CVE-2022-21209