CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-38434

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an unexpected sign extension. An attacker could leverage this vulnerability to execute arbitrary code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.9%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

https://us-cert.cisa.gov/ics/advisories/icsa-21-280-06
https://us-cert.cisa.gov/ics/advisories/icsa-21-280-06

Products affected by CVE-2021-38434

Fatek » Winproladder » Version: N/A

cpe:2.3:a:fatek:winproladder:-
Fatek » Winproladder » Version: 3.28

cpe:2.3:a:fatek:winproladder:3.28
Fatek » Winproladder » Version: 3.30

cpe:2.3:a:fatek:winproladder:3.30

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-38434

Products

Pricing

Contact Us