165 matches found
CVE-2021-38440
FATEK Automation WinProladder versions 3.30 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to read unauthorized information...
Out-of-bounds
FATEK Automation WinProladder versions 3.30 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to read unauthorized information...
Stack overflow
FATEK Automation WinProladder versions 3.30 and prior proper validation of user-supplied data when parsing project files, which could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code...
Heap overflow
FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a heap-corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process...
Default credentials
FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code...
Memory corruption
FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a memory-corruption condition. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process...
Code injection
FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an unexpected sign extension. An attacker could leverage this vulnerability to execute arbitrary code...
Design/Logic Flaw
A use after free vulnerability in FATEK Automation WinProladder versions 3.30 and prior may be exploited when a valid user opens a malformed project file, which may allow arbitrary code execution...
CVE-2021-38436
FATEK Automation WinProladder is affected (versions 3.30 and prior). The issue arises from a lack of proper validation of user-supplied data when parsing project files, leading to memory corruption that could enable arbitrary code execution in the current process. The CVE is tracked as CVE-2021-3...
CVE-2021-38436 FATEK Automation WinProladder
FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a memory-corruption condition. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process...
CVE-2021-38438
This CVE-2021-38438 affects FATEK Automation WinProladder (versions 3.30 and earlier). The vulnerability is a use-after-free in the PDW/project file parsing, which may be triggered when a valid user opens a malformed project file and can lead to arbitrary code execution. The issue is described ac...
CVE-2021-38438 FATEK Automation WinProladder
A use after free vulnerability in FATEK Automation WinProladder versions 3.30 and prior may be exploited when a valid user opens a malformed project file, which may allow arbitrary code execution...
CVE-2021-38434
CVE-2021-38434 affects FATEK Automation WinProladder (versions 3.30 and prior). The connected sources describe a vulnerability in parsing project files where user-supplied data is not properly validated, leading to an unexpected sign extension that could enable arbitrary code execution. Public ad...
CVE-2021-38434 FATEK Automation WinProladder
FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an unexpected sign extension. An attacker could leverage this vulnerability to execute arbitrary code...
CVE-2021-38440 FATEK Automation WinProladder
FATEK Automation WinProladder versions 3.30 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to read unauthorized information...
CVE-2021-38440
FATEK Automation WinProladder (PDW parsing) is affected by CVE-2021-38440: an out-of-bounds read in WinProladder versions 3.30 and earlier can disclose unauthorized information. The vulnerability exists in parsing PDW files and may be exploited by remote attackers. Exploitation requires user inte...
CVE-2021-38442
CVE-2021-38442 affects FATEK Automation WinProladder, with vulnerable PDW/PLC configuration data handling in WinProladder versions 3.30 and earlier. The root cause, as described across multiple sources, is improper validation of user-supplied data during PDW file parsing, leading to memory corrup...
CVE-2021-38442 FATEK Automation WinProladder
FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a heap-corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process...
CVE-2021-38426 FATEK Automation WinProladder
FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code...
CVE-2021-38426
FATEK WinProladder (versions 3.30 and prior) is affected by CVE-2021-38426 due to improper validation of user-supplied data when parsing project files, causing an out-of-bounds write. The vulnerability can lead to arbitrary code execution. Public exploitation details are provided by ZDI-21-1169, ...