VYPR

Communication Server

by Fatek Automation

CVEs (4)

  • CVE-2025-12507HigOct 31, 2025
    risk 0.57cvss 8.8epss 0.00

    The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed.

  • CVE-2016-5798HigFeb 13, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. By sending additional valid packets, an attacker could trigger a stack-based buffer overflow and cause a crash. Also, a malicious attacker can trigger a remote…

  • CVE-2025-41082MedJan 26, 2026
    risk 0.45cvss epss 0.00

    Illegal HTTP request traffic vulnerability (CL.0) in Altitude Communication Server, caused by inconsistent analysis of multiple HTTP requests over a single Keep-Alive connection using Content-Length headers. This can cause a desynchronization of requests between frontend and…

  • CVE-2021-38432Oct 15, 2021
    risk 0.00cvss epss 0.02

    FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code.