24 matches found
CVE-2022-21209
CVE-2022-21209 affects FATEK Automation FvDesigner . The vulnerability lies in the FPJ file parser where improper validation can cause a stack-based buffer overflow and/or an out-of-bounds read. This can allow an attacker to craft a malicious FPJ/project file to achieve remote code execution in t...
CVE-2022-23985
The CVE-2022-23985 entry corresponds to a vulnerability in Fatek Automation FvDesigner involving FPJ file parsing. Concretely, it is an out-of-bounds write in the FPJ parser that can allow arbitrary code execution when a crafted project file is processed. Multiple sources (ZDI advisories for ZDI-...
CVE-2022-25170
CVE-2022-25170 affects FATEK Automation FvDesigner. The vulnerability is a stack-based buffer overflow while processing project files, enabling arbitrary code execution. Affected product/version: FvDesigner versions 1.5.100 and prior. Impact: potential for high-severity code execution; CVSS v3.1 ...
CVE-2022-2866
CVE-2022-2866 affects FATEK Automation FvDesigner up to version 1.5.103. The vulnerability is an out-of-bounds write when processing project files, which could allow arbitrary code execution. Public sources disagree on exploitation details: CVE/NVD describes a local vector requiring user interact...
CVE-2021-32931
CVE-2021-32931 affects FATEK Automation FvDesigner (versions 1.5.88 and prior). The connected docs confirm a vulnerability in FPJ file parsing caused by an uninitialized pointer (CWE-824) that may permit arbitrary code execution when processing project files. ZDI advisories describe this as a rem...
CVE-2023-34270
Summary: CVE-2023-34270affects Fatek Automation FvDesigner via FPJ file parsing. The issue arises from lack of input validation in FPJ parsing, causing an out-of-bounds write and enabling remote code execution in the current process. Exploitation requires user interaction (visiting a malicious pa...
CVE-2023-34265
CVE-2023-34265 concerns a flaw in Fatek Automation’s FvDesigner FPJ file parsing. The root cause is a lack of proper validation of user-supplied data, which can cause a write past the end of an allocated data structure (an out-of-bounds write). This vulnerability can enable an attacker to execute...
CVE-2021-22683
CVE-2021-22683 affects Fatek FvDesigner, version 1.5.76 and earlier. The Red Hat/NVD entries describe an out-of-bounds write when processing project files, which may permit arbitrary code execution in the affected software. The CVSS details indicate a mix of local and network considerations depen...
CVE-2023-34267
CVE-2023-34267 affects Fatek Automation FvDesigner, specifically FPJ file parsing. The vulnerability arises from insufficient validation that can cause a write past the end of an allocated data structure, enabling arbitrary code execution in the context of the current process. Exploitation requir...
CVE-2023-34273
CVE-2023-34273 affects Fatek Automation FvDesigner via FPJ file parsing. The flaw is an out-of-bounds write caused by insufficient validation of FPJ file data, allowing arbitrary code execution in the current process. Exploitation requires user interaction (target visits a malicious page or opens...
CVE-2021-22662
The CVE-2021-22662 issue affects FATEK FvDesigner (versions 1.5.76 and earlier). It is a use-after-free vulnerability in how FPJ/project files are processed, allowing an attacker to craft a malicious project file that may execute arbitrary code. Multiple sources (NVD, Red Hat, CISA/ICS) describe ...
CVE-2021-32939
The CVE-2021-32939 entry concerns FATEK Automation FvDesigner, affected in versions 1.5.88 and earlier. The vulnerability is an out-of-bounds write when processing project files, which can allow an attacker to craft a project file that may execute arbitrary code. Public sources (ZDI advisory) des...
CVE-2021-32947
CVE-2021-32947 affects FATEK Automation FvDesigner (versions 1.5.88 and earlier). The vulnerability is a stack-based buffer overflow in FPJ/file processing that can allow arbitrary code execution with the attacker’s code running in the target process; exploitation requires user interaction as per...
CVE-2023-34263
CVE-2023-34263 affects Fatek Automation FvDesigner, due to an uninitialized pointer during FPJ file parsing that enables remote code execution. Exploitation requires user interaction (visiting a malicious page or opening a malicious FPJ/file). The flaw is documented across multiple sources (ZDI a...
CVE-2023-34268
The CVE-2023-34268 issue affects Fatek Automation FvDesigner, specifically FPJ file parsing. The vulnerability arises from inadequate validation of user-supplied data, causing a write past the end of an allocated structure (out-of-bounds write) and enabling remote code execution in the context of...
CVE-2023-34271
CVE-2023-34271 affects Fatek Automation FvDesigner FPJ file parsing. The flaw is a lack of proper validation of FPJ data, causing a write past the end of an allocated data structure (out-of-bounds write) and enabling arbitrary code execution. Exploitation requires user interaction (the target mus...
CVE-2021-22670
CVE-2021-22670 affects FATEK Automation FvDesigner (Version 1.5.76 and earlier). The root cause is an uninitialized pointer during FPJ/project-file processing, enabling an attacker to craft a specially formed project file that may permit arbitrary code execution. Public sources describe exploitat...
CVE-2023-34269
CVE-2023-34269 : A vulnerability in Fatek Automation FvDesigner’s FPJ file parser allows an out‑of‑bounds write due to insufficient input validation, enabling arbitrary code execution in the context of the current process. Exploitation requires user interaction (visiting a malicious page or openi...
CVE-2023-34262
The CVE-2023-34262 entry concerns Fatek Automation FvDesigner FPJ file parsing, where a lack of proper validation in FPJ data can cause an out-of-bounds write, enabling remote code execution. Affected component: FvDesigner FPJ file parser. Root cause: insufficient validation of user-supplied FPJ ...
CVE-2023-34272
CVE-2023-34272 affects Fatek Automation FvDesigner; the vulnerability lies in FPJ file parsing due to an uninitialized pointer that is dereferenced. This can allow an attacker to execute arbitrary code in the context of the current process. Exploitation requires user interaction (the target must ...
CVE-2021-22638
Fatek FvDesigner, v1.5.76 and earlier, has an out-of-bounds read vulnerability while processing project files that may permit arbitrary code execution. Public sources identify the affected product and root cause as an out-of-bounds read/write chain during FPJ/project file handling, with CVE-2021-...
CVE-2023-34264
CVE-2023-34264 affects Fatek Automation FvDesigner FPJ file parsing. The flaw is an out-of-bounds write caused by insufficient validation of FPJ data, enabling code execution in the affected process. Exploitation requires user interaction (target must open a malicious page/file). Public documents...
CVE-2021-22666
CVE-2021-22666 affects Fatek Automation’s FvDesigner, v1.5.76 and prior. The issue is a stack-based buffer overflow during processing of project files (FPJ), enabling an attacker to craft a specially crafted project file that may execute arbitrary code. Some sources indicate remote/code-execution...
CVE-2023-34266
CVE-2023-34266 affects Fatek Automation FvDesigner; vulnerability lies in FPJ file parsing where lack of input validation enables an out-of-bounds write, allowing remote code execution in the target process. Exploitation requires user interaction (visiting a crafted page or opening a malicious FP...