93 matches found
CVE-2024-47136
Out-of-bounds read vulnerability exists in Kostac PLC Programming Software Former name: Koyo PLC Programming Software Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a...
CVE-2024-47136
CVE-2024-47136 is an out-of-bounds read vulnerability in Kostac PLC Programming Software (former Koyo) up to version 1.6.14.0. Opening a specially crafted KPP project file saved with version 1.6.9.0 or earlier can cause DoS, arbitrary code execution, or information disclosure due to parsing issue...
CVE-2024-47135
Stack-based buffer overflow vulnerability exists in Kostac PLC Programming Software Former name: Koyo PLC Programming Software Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may...
CVE-2024-47134
Summary of CVE-2024-47134 and related advisories : Kostac PLC Programming Software (formerly Koyo PLC Programming Software)
CVE-2024-47134
Out-of-bounds write vulnerability exists in Kostac PLC Programming Software Former name: Koyo PLC Programming Software Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a...
JTEKT Kostac PLC Programming Software 安全漏洞
JTEKT Kostac PLC Programming Software is a PLC programmer software for personal computers from JTEKT Japan. A security vulnerability exists in JTEKT Kostac PLC Programming Software version 1.6.14.0 and prior versions, which stems from the presence of a stack-based buffer overflow vulnerability...
CVE-2024-24957
Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these...
CVE-2024-24947
A heap-based buffer overflow vulnerability exists in the Programming Software Connection CurrDir functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger these vulnerability.This...
CVE-2024-24851
A heap-based buffer overflow vulnerability exists in the Programming Software Connection FiBurn functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to a buffer overflow. An attacker can send an unauthenticated packet to trigger this vulnerability...
CVE-2024-24963
A stack-based buffer overflow vulnerability exists in the Programming Software Connection FileSelect functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to stack-based buffer overflow. An attacker can send an unauthenticated packet to trigger this...
CVE-2024-22187
A write-what-where vulnerability exists in the Programming Software Connection Remote Memory Diagnostics functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to an arbitrary write. An attacker can send an unauthenticated packet to trigger this...
CVE-2024-23315
A read-what-where vulnerability exists in the Programming Software Connection IMM 01A1 Memory Read functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can send an unauthenticated packet to trigger th...
AutomationDirect P3-550E Programming Software Connection FileSelect stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-1939 AutomationDirect P3-550E Programming Software Connection FileSelect stack-based buffer overflow vulnerability May 28, 2024 CVE Number CVE-2024-24963,CVE-2024-24962 SUMMARY A stack-based buffer overflow vulnerability exists in the Programming Software...
AutomationDirect P3-550E Programming Software Connection FiBurn heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-1936 AutomationDirect P3-550E Programming Software Connection FiBurn heap-based buffer overflow vulnerability May 28, 2024 CVE Number CVE-2024-24851 SUMMARY A heap-based buffer overflow vulnerability exists in the Programming Software Connection FiBurn...
PT-2024-3879 · Automationdirect · Automationdirect P3-550E
Name of the Vulnerable Software and Affected Versions: AutomationDirect P3-550E version 1.2.10.9 Description: Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality. Specially crafted network packets can lead to heap-based memory...
Delta Electronics ISPSoft Buffer Error Vulnerability
Delta Electronics ISPSoft is a PLC Programmable Logic Controller programming software from Delta Electronics, Taiwan, China. A security vulnerability exists in Delta Electronics ISPSoft that stems from a heap buffer overflow vulnerability...
CVE-2023-41374
Double free issue exists in Kostac PLC Programming Software Version 1.6.11.0 and earlier. Arbitrary code may be executed by having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier because the issue exists in parsing of...
CVE-2023-41374
Double free issue exists in Kostac PLC Programming Software Version 1.6.11.0 and earlier. Arbitrary code may be executed by having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier because the issue exists in parsing of...
CVE-2023-41374
Summary: CVE-2023-41374 is a double-free vulnerability in Kostac PLC Programming Software (KPP) versions 1.6.11.0 and earlier, related to parsing of KPP project files. If a user opens a specially crafted project file saved with 1.6.9.0 or earlier, arbitrary code execution may occur. Mitigation: s...
CVE-2023-41375
CVE-2023-41375 is a use-after-free vulnerability in Kostac PLC Programming Software (KPP) 1.6.11.0 and earlier, due to parsing of KPP project files saved with 1.6.9.0 or earlier. Exploitation may allow arbitrary code execution when a user opens a specially crafted project file. The vendor notes t...