VYPR

Vendor CVEs

Fatek Automation

All CVEs

46 total · sorted by risk
  • CVE-2017-6023CriMar 16, 2017
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered in Fatek Automation PLC Ethernet Module. The affected Ether_cfg software configuration tool runs on the following Fatek PLCs: CBEH versions prior to V3.6 Build 170215, CBE versions prior to V3.6 Build 170215, CM55E versions prior to V3.6 Build 170215, and…

  • CVE-2025-12507HigOct 31, 2025
    risk 0.57cvss 8.8epss 0.00

    The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed.

  • CVE-2016-5796HigFeb 13, 2017
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. Sending additional valid packets could allow the attacker to cause a crash or to execute arbitrary code, because of Improper Restriction of Operations within…

  • CVE-2016-8377HigFeb 13, 2017
    risk 0.56cvss 8.0epss 0.09

    An issue was discovered in Fatek Automation PLC WinProladder Version 3.11 Build 14701. A stack-based buffer overflow vulnerability exists when the software application connects to a malicious server, resulting in a stack buffer overflow. This causes an exploitable Structured…

  • CVE-2016-5798HigFeb 13, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. By sending additional valid packets, an attacker could trigger a stack-based buffer overflow and cause a crash. Also, a malicious attacker can trigger a remote…

  • CVE-2025-41082MedJan 26, 2026
    risk 0.45cvss epss 0.00

    Illegal HTTP request traffic vulnerability (CL.0) in Altitude Communication Server, caused by inconsistent analysis of multiple HTTP requests over a single Keep-Alive connection using Content-Length headers. This can cause a desynchronization of requests between frontend and…

  • CVE-2023-34273May 3, 2024
    risk 0.00cvss epss 0.00

    Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…

  • CVE-2023-34272May 3, 2024
    risk 0.00cvss epss 0.00

    Fatek Automation FvDesigner FPJ File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…

  • CVE-2023-34271May 3, 2024
    risk 0.00cvss epss 0.00

    Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…

  • CVE-2023-34270May 3, 2024
    risk 0.00cvss epss 0.00

    Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…

  • CVE-2023-34269May 3, 2024
    risk 0.00cvss epss 0.00

    Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…

  • CVE-2023-34268May 3, 2024
    risk 0.00cvss epss 0.00

    Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…

  • CVE-2023-34267May 3, 2024
    risk 0.00cvss epss 0.00

    Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…

  • CVE-2023-34266May 3, 2024
    risk 0.00cvss epss 0.00

    Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…

  • CVE-2023-34265May 3, 2024
    risk 0.00cvss epss 0.00

    Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…

  • CVE-2023-34264May 3, 2024
    risk 0.00cvss epss 0.00

    Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…

  • CVE-2023-34263May 3, 2024
    risk 0.00cvss epss 0.00

    Fatek Automation FvDesigner FPJ File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…

  • CVE-2023-34262May 3, 2024
    risk 0.00cvss epss 0.00

    Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this…

  • CVE-2022-2866Aug 31, 2022
    risk 0.00cvss epss 0.00

    FATEK FvDesigner version 1.5.103 and prior is vulnerable to an out-of-bounds write while processing project files. If a valid user is tricked into using maliciously crafted project files, an attacker could achieve arbitrary code execution.

  • CVE-2022-25170Feb 25, 2022
    risk 0.00cvss epss 0.01

    The affected product is vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code

  • CVE-2022-21209Feb 25, 2022
    risk 0.00cvss epss 0.02

    The affected product is vulnerable to an out-of-bounds read while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution.

  • CVE-2022-23985Feb 25, 2022
    risk 0.00cvss epss 0.02

    The affected product is vulnerable to an out-of-bounds write while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution.

  • CVE-2021-43554Dec 28, 2021
    risk 0.00cvss epss 0.02

    FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code.

  • CVE-2021-43556Dec 28, 2021
    risk 0.00cvss epss 0.02

    FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code.

  • CVE-2021-38436Oct 18, 2021
    risk 0.00cvss epss 0.01

    FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a memory-corruption condition. An attacker could leverage this vulnerability to execute arbitrary code in the context of the…

  • CVE-2021-38438Oct 18, 2021
    risk 0.00cvss epss 0.01

    A use after free vulnerability in FATEK Automation WinProladder versions 3.30 and prior may be exploited when a valid user opens a malformed project file, which may allow arbitrary code execution.

  • CVE-2021-38434Oct 18, 2021
    risk 0.00cvss epss 0.01

    FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an unexpected sign extension. An attacker could leverage this vulnerability to execute arbitrary code.

  • CVE-2021-38440Oct 18, 2021
    risk 0.00cvss epss 0.01

    FATEK Automation WinProladder versions 3.30 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to read unauthorized information.

  • CVE-2021-38442Oct 18, 2021
    risk 0.00cvss epss 0.01

    FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a heap-corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process.

  • CVE-2021-38426Oct 18, 2021
    risk 0.00cvss epss 0.01

    FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code.

  • CVE-2021-38430Oct 18, 2021
    risk 0.00cvss epss 0.01

    FATEK Automation WinProladder versions 3.30 and prior proper validation of user-supplied data when parsing project files, which could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code.

  • CVE-2021-38432Oct 15, 2021
    risk 0.00cvss epss 0.02

    FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code.

  • CVE-2021-32939Aug 11, 2021
    risk 0.00cvss epss 0.02

    FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a project file that may permit arbitrary code execution.

  • CVE-2021-32947Aug 11, 2021
    risk 0.00cvss epss 0.02

    FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.

  • CVE-2021-32931Aug 11, 2021
    risk 0.00cvss epss 0.02

    An uninitialized pointer in FATEK Automation FvDesigner, Versions 1.5.88 and prior may be exploited while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.

  • CVE-2021-32988Jun 29, 2021
    risk 0.00cvss epss 0.02

    FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code.

  • CVE-2021-32992Jun 29, 2021
    risk 0.00cvss epss 0.02

    FATEK Automation WinProladder Versions 3.30 and prior do not properly restrict operations within the bounds of a memory buffer, which may allow an attacker to execute arbitrary code.

  • CVE-2021-32990Jun 29, 2021
    risk 0.00cvss epss 0.02

    FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.

  • CVE-2021-27486Apr 12, 2021
    risk 0.00cvss epss 0.01

    FATEK Automation WinProladder Versions 3.30 and prior is vulnerable to an integer underflow, which may cause an out-of-bounds write and allow an attacker to execute arbitrary code.

  • CVE-2021-22638Mar 3, 2021
    risk 0.00cvss epss 0.01

    Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds read while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.

  • CVE-2021-22683Mar 3, 2021
    risk 0.00cvss epss 0.01

    Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.

  • CVE-2021-22666Mar 3, 2021
    risk 0.00cvss epss 0.01

    Fatek FvDesigner Version 1.5.76 and prior is vulnerable to a stack-based buffer overflow while project files are being processed, allowing an attacker to craft a special project file that may permit arbitrary code execution.

  • CVE-2021-22670Mar 3, 2021
    risk 0.00cvss epss 0.01

    An uninitialized pointer may be exploited in Fatek FvDesigner Version 1.5.76 and prior while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.

  • CVE-2021-22662Mar 3, 2021
    risk 0.00cvss epss 0.01

    A use after free issue has been identified in Fatek FvDesigner Version 1.5.76 and prior in the way the application processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.

  • CVE-2020-16234Sep 30, 2020
    risk 0.00cvss epss 0.01

    In PLC WinProladder Version 3.28 and prior, a stack-based buffer overflow vulnerability can be exploited when a valid user opens a specially crafted file, which may allow an attacker to remotely execute arbitrary code.

  • CVE-2016-5800Mar 21, 2019
    risk 0.00cvss epss 0.02

    A malicious attacker can trigger a remote buffer overflow in the Communication Server in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0.