Fatek: Security Vulnerabilities
FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.007
Published
2021-06-29
FATEK Automation WinProladder Versions 3.30 and prior do not properly restrict operations within the bounds of a memory buffer, which may allow an attacker to execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.007
Published
2021-06-29
FATEK Automation WinProladder Versions 3.30 and prior is vulnerable to an integer underflow, which may cause an out-of-bounds write and allow an attacker to execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.003
Published
2021-04-12
Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds read while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.002
Published
2021-03-03
A use after free issue has been identified in Fatek FvDesigner Version 1.5.76 and prior in the way the application processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.002
Published
2021-03-03
Fatek FvDesigner Version 1.5.76 and prior is vulnerable to a stack-based buffer overflow while project files are being processed, allowing an attacker to craft a special project file that may permit arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.003
Published
2021-03-03
An uninitialized pointer may be exploited in Fatek FvDesigner Version 1.5.76 and prior while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.002
Published
2021-03-03
Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.002
Published
2021-03-03
In PLC WinProladder Version 3.28 and prior, a stack-based buffer overflow vulnerability can be exploited when a valid user opens a specially crafted file, which may allow an attacker to remotely execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.006
Published
2020-09-30
A malicious attacker can trigger a remote buffer overflow in the Communication Server in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0.
CVSS Score
7.5
EPSS Score
0.004
Published
2019-03-21