FATEK Automation WinProladder Versions 3.30 and prior is vulnerable to an integer underflow, which may cause an out-of-bounds write and allow an attacker to execute arbitrary code.
References
Link | Resource |
---|---|
https://us-cert.cisa.gov/ics/advisories/icsa-21-098-01 | Third Party Advisory US Government Resource |
Configurations
History
22 Apr 2021, 20:26
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 7.8 |
CPE | cpe:2.3:a:fatek:winproladder:*:*:*:*:*:*:*:* | |
References | (MISC) https://us-cert.cisa.gov/ics/advisories/icsa-21-098-01 - Third Party Advisory, US Government Resource |
16 Apr 2021, 19:15
Type | Values Removed | Values Added |
---|---|---|
Summary | FATEK Automation WinProladder Versions 3.30 and prior is vulnerable to an integer underflow, which may cause an out-of-bounds write and allow an attacker to execute arbitrary code. |
12 Apr 2021, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-04-12 15:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-27486
Mitre link : CVE-2021-27486
CVE.ORG link : CVE-2021-27486
JSON object : View
Products Affected
fatek
- winproladder
CWE
CWE-191
Integer Underflow (Wrap or Wraparound)