33 matches found
EUVD-2020-8209
Malware in sbrugna...
EUVD-2018-2686
Malware in sbrugna...
EUVD-2018-2682
Malware in sbrugna...
CVE-2020-25186
An XXE vulnerability exists within LeviStudioU Release Build 2019-09-21 and prior when processing parameter entities, which may allow file disclosure...
(0Day) WECON LeviStudioU UMP File Parsing XY Tag WordAddr4 Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of WECON LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of X...
(0Day) WECON LeviStudioU UMP File Parsing Alarm Tag WordAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of WECON LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
WECON LeviStudioU UMP File Parsing XY Tag WordAddr2 Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of WECON LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of X...
WECON LeviStudioU XML File Parsing BitAddr Tag ContralAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of WECON LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
CVE-2021-23138
CVE-2021-23138 concerns WECON LeviStudioU, with multiple ZDI advisories detailing stack-based buffer overflow vulnerabilities in XML/UMP file parsing. The root cause across advisories is improper validation of user-supplied data lengths when parsing various Add, PLCAddr1, DstAddr, HmiSet, XY, Bit...
CVE-2021-23157
Summary: CVE-2021-23157 affects WECON LeviStudioU, versions 2019-09-21 and earlier. The issue is a heap-based buffer overflow in the UMP file parsing path, specifically in the ScreenInfo attributes ScrnName and ScrnFile, which can lead to remote code execution. The ZDI advisories confirm remote c...
WECON LeviStudioU
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: WECON Equipment: LeviStudioU Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow remote code execution. 3. TECHNICAL...
WECON LeviStudioU
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: WECON Technology Co., Ltd WECON Equipment: LeviStudioU Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS...
CVE-2020-16243
Multiple buffer overflow vulnerabilities exist when LeviStudioU Version 2019-09-21 and prior processes project files. Opening a specially crafted project file could allow an attacker to exploit and execute code under the privileges of the application...
Buffer overflow
Multiple buffer overflow vulnerabilities exist when LeviStudioU Version 2019-09-21 and prior processes project files. Opening a specially crafted project file could allow an attacker to exploit and execute code under the privileges of the application...
CVE-2020-16243
CVE-2020-16243 affects LeviStudioU (Release Build 2019-09-21 and prior). The vulnerability stems from multiple buffer overflow flaws when processing project files, including stack-based and heap-based overflows, which could allow an attacker to execute code with the application's privileges after...
CVE-2020-16243
Multiple buffer overflow vulnerabilities exist when LeviStudioU Version 2019-09-21 and prior processes project files. Opening a specially crafted project file could allow an attacker to exploit and execute code under the privileges of the application...
CVE-2020-25186
An XXE vulnerability exists within LeviStudioU Release Build 2019-09-21 and prior when processing parameter entities, which may allow file disclosure...
Arbitrary file deletion
An XXE vulnerability exists within LeviStudioU Release Build 2019-09-21 and prior when processing parameter entities, which may allow file disclosure...
CVE-2020-25186
CVE-2020-25186 is an XXE vulnerability in LeviStudioU Release Build 2019-09-21 and earlier, caused by improper processing of parameter entities that can disclose files. Affected product: LeviStudioU. Impact: information disclosure (per CVSSv3 base 7.5; HIGH; network access; no privileges; no user...
CVE-2020-25186
An XXE vulnerability exists within LeviStudioU Release Build 2019-09-21 and prior when processing parameter entities, which may allow file disclosure...