VYPR

XD/E Series PLC Program Tool

by Xinje

CVEs (2)

  • CVE-2021-34606May 11, 2022
    risk 0.00cvss epss 0.00

    A vulnerability exists in XINJE XD/E Series PLC Program Tool in versions up to v3.5.1 that can allow an authenticated, local attacker to load a malicious DLL. Local access is required to successfully exploit this vulnerability. This means the potential attacker must have access…

  • CVE-2021-34605May 11, 2022
    risk 0.00cvss epss 0.02

    A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide an attacker with arbitrary file write privilege when opening a specially-crafted project file. This vulnerability can be triggered by manually opening an infected project file, or by…