Lucene search
IcscertCVELIST:CVE-2022-25170HistoryFeb 22, 2022 - 12:00 a.m.
CVE-2022-25170 ICSA-22-055-01 FATEK Automation FvDesigner
2022-02-2200:00:00
CWE-121
icscert
www.cve.org
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
47.8%
The affected product is vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code
CNA Affected
[
{
"product": "FvDesigner",
"vendor": "FATEK Automation",
"versions": [
{
"lessThanOrEqual": "1.5.100",
"status": "affected",
"version": "all",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-25170
2022-02-25 19:15:25
cve
cve
CVE-2022-25170
2022-02-25 19:15:25
cnvd
cnvd
FATEK Automation FvDesigner Buffer Overflow Vulnerability (CNVD-2022-21229)
2022-02-25 00:00:00
prion
prion
Stack overflow
2022-02-25 19:15:00
ics
ics
FATEK Automation FvDesigner
2022-02-24 12:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
47.8%
Related for CVELIST:CVE-2022-25170