CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-8377

An issue was discovered in Fatek Automation PLC WinProladder Version 3.11 Build 14701. A stack-based buffer overflow vulnerability exists when the software application connects to a malicious server, resulting in a stack buffer overflow. This causes an exploitable Structured Exception Handler (SEH) overwrite condition that may allow remote code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.087

EPSS Ranking 92.0%

CVSS Severity

CVSS v3 Score 8.0

CVSS v2 Score 6.0

References

http://www.securityfocus.com/bid/94938
https://ics-cert.us-cert.gov/advisories/ICSA-16-350-01
https://www.exploit-db.com/exploits/42700/
http://www.securityfocus.com/bid/94938
https://ics-cert.us-cert.gov/advisories/ICSA-16-350-01
https://www.exploit-db.com/exploits/42700/

Products affected by CVE-2016-8377

Fatek » Plc Winproladder » Version: N/A

cpe:2.3:h:fatek:plc_winproladder:-
Fatek » Plc Winproladder Firmware » Version: 3.11

cpe:2.3:o:fatek:plc_winproladder_firmware:3.11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-8377

Products

Pricing

Contact Us