Vendor CVEs
Fatek Automation
All CVEs
46 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-6023 | Cri | 0.64 | 9.8 | 0.04 | Mar 16, 2017 | An issue was discovered in Fatek Automation PLC Ethernet Module. The affected Ether_cfg software configuration tool runs on the following Fatek PLCs: CBEH versions prior to V3.6 Build 170215, CBE versions prior to V3.6 Build 170215, CM55E versions prior to V3.6 Build 170215, and… | ||
| CVE-2025-12507 | Hig | 0.57 | 8.8 | 0.00 | Oct 31, 2025 | The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed. | ||
| CVE-2016-5796 | Hig | 0.57 | 8.8 | 0.02 | Feb 13, 2017 | An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. Sending additional valid packets could allow the attacker to cause a crash or to execute arbitrary code, because of Improper Restriction of Operations within… | ||
| CVE-2016-8377 | Hig | 0.56 | 8.0 | 0.09 | Feb 13, 2017 | An issue was discovered in Fatek Automation PLC WinProladder Version 3.11 Build 14701. A stack-based buffer overflow vulnerability exists when the software application connects to a malicious server, resulting in a stack buffer overflow. This causes an exploitable Structured… | ||
| CVE-2016-5798 | Hig | 0.49 | 7.5 | 0.02 | Feb 13, 2017 | An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. By sending additional valid packets, an attacker could trigger a stack-based buffer overflow and cause a crash. Also, a malicious attacker can trigger a remote… | ||
| CVE-2025-41082 | Med | 0.45 | — | 0.00 | Jan 26, 2026 | Illegal HTTP request traffic vulnerability (CL.0) in Altitude Communication Server, caused by inconsistent analysis of multiple HTTP requests over a single Keep-Alive connection using Content-Length headers. This can cause a desynchronization of requests between frontend and… | ||
| CVE-2023-34273 | 0.00 | — | 0.00 | May 3, 2024 | Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this… | |||
| CVE-2023-34272 | 0.00 | — | 0.00 | May 3, 2024 | Fatek Automation FvDesigner FPJ File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this… | |||
| CVE-2023-34271 | 0.00 | — | 0.00 | May 3, 2024 | Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this… | |||
| CVE-2023-34270 | 0.00 | — | 0.00 | May 3, 2024 | Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this… | |||
| CVE-2023-34269 | 0.00 | — | 0.00 | May 3, 2024 | Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this… | |||
| CVE-2023-34268 | 0.00 | — | 0.00 | May 3, 2024 | Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this… | |||
| CVE-2023-34267 | 0.00 | — | 0.00 | May 3, 2024 | Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this… | |||
| CVE-2023-34266 | 0.00 | — | 0.00 | May 3, 2024 | Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this… | |||
| CVE-2023-34265 | 0.00 | — | 0.00 | May 3, 2024 | Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this… | |||
| CVE-2023-34264 | 0.00 | — | 0.00 | May 3, 2024 | Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this… | |||
| CVE-2023-34263 | 0.00 | — | 0.00 | May 3, 2024 | Fatek Automation FvDesigner FPJ File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this… | |||
| CVE-2023-34262 | 0.00 | — | 0.00 | May 3, 2024 | Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this… | |||
| CVE-2022-2866 | 0.00 | — | 0.00 | Aug 31, 2022 | FATEK FvDesigner version 1.5.103 and prior is vulnerable to an out-of-bounds write while processing project files. If a valid user is tricked into using maliciously crafted project files, an attacker could achieve arbitrary code execution. | |||
| CVE-2022-25170 | 0.00 | — | 0.01 | Feb 25, 2022 | The affected product is vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code | |||
| CVE-2022-21209 | 0.00 | — | 0.02 | Feb 25, 2022 | The affected product is vulnerable to an out-of-bounds read while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution. | |||
| CVE-2022-23985 | 0.00 | — | 0.02 | Feb 25, 2022 | The affected product is vulnerable to an out-of-bounds write while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution. | |||
| CVE-2021-43554 | 0.00 | — | 0.02 | Dec 28, 2021 | FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code. | |||
| CVE-2021-43556 | 0.00 | — | 0.02 | Dec 28, 2021 | FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code. | |||
| CVE-2021-38436 | 0.00 | — | 0.01 | Oct 18, 2021 | FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a memory-corruption condition. An attacker could leverage this vulnerability to execute arbitrary code in the context of the… | |||
| CVE-2021-38438 | 0.00 | — | 0.01 | Oct 18, 2021 | A use after free vulnerability in FATEK Automation WinProladder versions 3.30 and prior may be exploited when a valid user opens a malformed project file, which may allow arbitrary code execution. | |||
| CVE-2021-38434 | 0.00 | — | 0.01 | Oct 18, 2021 | FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an unexpected sign extension. An attacker could leverage this vulnerability to execute arbitrary code. | |||
| CVE-2021-38440 | 0.00 | — | 0.01 | Oct 18, 2021 | FATEK Automation WinProladder versions 3.30 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to read unauthorized information. | |||
| CVE-2021-38442 | 0.00 | — | 0.01 | Oct 18, 2021 | FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a heap-corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||
| CVE-2021-38426 | 0.00 | — | 0.01 | Oct 18, 2021 | FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code. | |||
| CVE-2021-38430 | 0.00 | — | 0.01 | Oct 18, 2021 | FATEK Automation WinProladder versions 3.30 and prior proper validation of user-supplied data when parsing project files, which could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code. | |||
| CVE-2021-38432 | 0.00 | — | 0.02 | Oct 15, 2021 | FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code. | |||
| CVE-2021-32939 | 0.00 | — | 0.02 | Aug 11, 2021 | FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a project file that may permit arbitrary code execution. | |||
| CVE-2021-32947 | 0.00 | — | 0.02 | Aug 11, 2021 | FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code. | |||
| CVE-2021-32931 | 0.00 | — | 0.02 | Aug 11, 2021 | An uninitialized pointer in FATEK Automation FvDesigner, Versions 1.5.88 and prior may be exploited while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | |||
| CVE-2021-32988 | 0.00 | — | 0.02 | Jun 29, 2021 | FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code. | |||
| CVE-2021-32992 | 0.00 | — | 0.02 | Jun 29, 2021 | FATEK Automation WinProladder Versions 3.30 and prior do not properly restrict operations within the bounds of a memory buffer, which may allow an attacker to execute arbitrary code. | |||
| CVE-2021-32990 | 0.00 | — | 0.02 | Jun 29, 2021 | FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code. | |||
| CVE-2021-27486 | 0.00 | — | 0.01 | Apr 12, 2021 | FATEK Automation WinProladder Versions 3.30 and prior is vulnerable to an integer underflow, which may cause an out-of-bounds write and allow an attacker to execute arbitrary code. | |||
| CVE-2021-22638 | 0.00 | — | 0.01 | Mar 3, 2021 | Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds read while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | |||
| CVE-2021-22683 | 0.00 | — | 0.01 | Mar 3, 2021 | Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | |||
| CVE-2021-22666 | 0.00 | — | 0.01 | Mar 3, 2021 | Fatek FvDesigner Version 1.5.76 and prior is vulnerable to a stack-based buffer overflow while project files are being processed, allowing an attacker to craft a special project file that may permit arbitrary code execution. | |||
| CVE-2021-22670 | 0.00 | — | 0.01 | Mar 3, 2021 | An uninitialized pointer may be exploited in Fatek FvDesigner Version 1.5.76 and prior while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | |||
| CVE-2021-22662 | 0.00 | — | 0.01 | Mar 3, 2021 | A use after free issue has been identified in Fatek FvDesigner Version 1.5.76 and prior in the way the application processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | |||
| CVE-2020-16234 | 0.00 | — | 0.01 | Sep 30, 2020 | In PLC WinProladder Version 3.28 and prior, a stack-based buffer overflow vulnerability can be exploited when a valid user opens a specially crafted file, which may allow an attacker to remotely execute arbitrary code. | |||
| CVE-2016-5800 | 0.00 | — | 0.02 | Mar 21, 2019 | A malicious attacker can trigger a remote buffer overflow in the Communication Server in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. |
- risk 0.64cvss 9.8epss 0.04
An issue was discovered in Fatek Automation PLC Ethernet Module. The affected Ether_cfg software configuration tool runs on the following Fatek PLCs: CBEH versions prior to V3.6 Build 170215, CBE versions prior to V3.6 Build 170215, CM55E versions prior to V3.6 Build 170215, and…
- risk 0.57cvss 8.8epss 0.00
The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed.
- risk 0.57cvss 8.8epss 0.02
An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. Sending additional valid packets could allow the attacker to cause a crash or to execute arbitrary code, because of Improper Restriction of Operations within…
- risk 0.56cvss 8.0epss 0.09
An issue was discovered in Fatek Automation PLC WinProladder Version 3.11 Build 14701. A stack-based buffer overflow vulnerability exists when the software application connects to a malicious server, resulting in a stack buffer overflow. This causes an exploitable Structured…
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. By sending additional valid packets, an attacker could trigger a stack-based buffer overflow and cause a crash. Also, a malicious attacker can trigger a remote…
- risk 0.45cvss —epss 0.00
Illegal HTTP request traffic vulnerability (CL.0) in Altitude Communication Server, caused by inconsistent analysis of multiple HTTP requests over a single Keep-Alive connection using Content-Length headers. This can cause a desynchronization of requests between frontend and…
- CVE-2023-34273May 3, 2024risk 0.00cvss —epss 0.00
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…
- CVE-2023-34272May 3, 2024risk 0.00cvss —epss 0.00
Fatek Automation FvDesigner FPJ File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…
- CVE-2023-34271May 3, 2024risk 0.00cvss —epss 0.00
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…
- CVE-2023-34270May 3, 2024risk 0.00cvss —epss 0.00
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…
- CVE-2023-34269May 3, 2024risk 0.00cvss —epss 0.00
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…
- CVE-2023-34268May 3, 2024risk 0.00cvss —epss 0.00
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…
- CVE-2023-34267May 3, 2024risk 0.00cvss —epss 0.00
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…
- CVE-2023-34266May 3, 2024risk 0.00cvss —epss 0.00
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…
- CVE-2023-34265May 3, 2024risk 0.00cvss —epss 0.00
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…
- CVE-2023-34264May 3, 2024risk 0.00cvss —epss 0.00
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…
- CVE-2023-34263May 3, 2024risk 0.00cvss —epss 0.00
Fatek Automation FvDesigner FPJ File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…
- CVE-2023-34262May 3, 2024risk 0.00cvss —epss 0.00
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…
- CVE-2022-2866Aug 31, 2022risk 0.00cvss —epss 0.00
FATEK FvDesigner version 1.5.103 and prior is vulnerable to an out-of-bounds write while processing project files. If a valid user is tricked into using maliciously crafted project files, an attacker could achieve arbitrary code execution.
- CVE-2022-25170Feb 25, 2022risk 0.00cvss —epss 0.01
The affected product is vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code
- CVE-2022-21209Feb 25, 2022risk 0.00cvss —epss 0.02
The affected product is vulnerable to an out-of-bounds read while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution.
- CVE-2022-23985Feb 25, 2022risk 0.00cvss —epss 0.02
The affected product is vulnerable to an out-of-bounds write while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution.
- CVE-2021-43554Dec 28, 2021risk 0.00cvss —epss 0.02
FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code.
- CVE-2021-43556Dec 28, 2021risk 0.00cvss —epss 0.02
FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code.
- CVE-2021-38436Oct 18, 2021risk 0.00cvss —epss 0.01
FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a memory-corruption condition. An attacker could leverage this vulnerability to execute arbitrary code in the context of the…
- CVE-2021-38438Oct 18, 2021risk 0.00cvss —epss 0.01
A use after free vulnerability in FATEK Automation WinProladder versions 3.30 and prior may be exploited when a valid user opens a malformed project file, which may allow arbitrary code execution.
- CVE-2021-38434Oct 18, 2021risk 0.00cvss —epss 0.01
FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an unexpected sign extension. An attacker could leverage this vulnerability to execute arbitrary code.
- CVE-2021-38440Oct 18, 2021risk 0.00cvss —epss 0.01
FATEK Automation WinProladder versions 3.30 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to read unauthorized information.
- CVE-2021-38442Oct 18, 2021risk 0.00cvss —epss 0.01
FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a heap-corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process.
- CVE-2021-38426Oct 18, 2021risk 0.00cvss —epss 0.01
FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code.
- CVE-2021-38430Oct 18, 2021risk 0.00cvss —epss 0.01
FATEK Automation WinProladder versions 3.30 and prior proper validation of user-supplied data when parsing project files, which could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code.
- CVE-2021-38432Oct 15, 2021risk 0.00cvss —epss 0.02
FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code.
- CVE-2021-32939Aug 11, 2021risk 0.00cvss —epss 0.02
FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a project file that may permit arbitrary code execution.
- CVE-2021-32947Aug 11, 2021risk 0.00cvss —epss 0.02
FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.
- CVE-2021-32931Aug 11, 2021risk 0.00cvss —epss 0.02
An uninitialized pointer in FATEK Automation FvDesigner, Versions 1.5.88 and prior may be exploited while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.
- CVE-2021-32988Jun 29, 2021risk 0.00cvss —epss 0.02
FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code.
- CVE-2021-32992Jun 29, 2021risk 0.00cvss —epss 0.02
FATEK Automation WinProladder Versions 3.30 and prior do not properly restrict operations within the bounds of a memory buffer, which may allow an attacker to execute arbitrary code.
- CVE-2021-32990Jun 29, 2021risk 0.00cvss —epss 0.02
FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.
- CVE-2021-27486Apr 12, 2021risk 0.00cvss —epss 0.01
FATEK Automation WinProladder Versions 3.30 and prior is vulnerable to an integer underflow, which may cause an out-of-bounds write and allow an attacker to execute arbitrary code.
- CVE-2021-22638Mar 3, 2021risk 0.00cvss —epss 0.01
Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds read while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.
- CVE-2021-22683Mar 3, 2021risk 0.00cvss —epss 0.01
Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.
- CVE-2021-22666Mar 3, 2021risk 0.00cvss —epss 0.01
Fatek FvDesigner Version 1.5.76 and prior is vulnerable to a stack-based buffer overflow while project files are being processed, allowing an attacker to craft a special project file that may permit arbitrary code execution.
- CVE-2021-22670Mar 3, 2021risk 0.00cvss —epss 0.01
An uninitialized pointer may be exploited in Fatek FvDesigner Version 1.5.76 and prior while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.
- CVE-2021-22662Mar 3, 2021risk 0.00cvss —epss 0.01
A use after free issue has been identified in Fatek FvDesigner Version 1.5.76 and prior in the way the application processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.
- CVE-2020-16234Sep 30, 2020risk 0.00cvss —epss 0.01
In PLC WinProladder Version 3.28 and prior, a stack-based buffer overflow vulnerability can be exploited when a valid user opens a specially crafted file, which may allow an attacker to remotely execute arbitrary code.
- CVE-2016-5800Mar 21, 2019risk 0.00cvss —epss 0.02
A malicious attacker can trigger a remote buffer overflow in the Communication Server in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0.