VYPR

Vendor CVEs

Wecon

All CVEs

24 total · sorted by risk
  • CVE-2018-14818CriOct 8, 2018
    risk 0.64cvss 9.8epss 0.03

    WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution.

  • CVE-2017-13999CriOct 17, 2017
    risk 0.64cvss 9.8epss 0.03

    A Stack-based Buffer Overflow issue was discovered in WECON LEVI Studio HMI Editor v1.8.1 and prior. Multiple stack-based buffer overflow vulnerabilities have been identified in which the application does not verify string size before copying to memory; the attacker may then be…

  • CVE-2020-25181HigDec 1, 2020
    risk 0.57cvss 8.8epss 0.02

    WECON PLC Editor Versions 1.3.8 and prior has a heap-based buffer overflow vulnerabilities have been identified that may allow arbitrary code execution.

  • CVE-2020-25177HigDec 1, 2020
    risk 0.57cvss 8.8epss 0.02

    WECON PLC Editor Versions 1.3.8 and prior has a stack-based buffer overflow vulnerability has been identified that may allow arbitrary code execution.

  • CVE-2018-14810HigOct 8, 2018
    risk 0.57cvss 8.8epss 0.02

    WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior parse files and pass invalidated user data to an unsafe method call, which may allow code to be executed in the context of an administrator.

  • CVE-2018-10606HigSep 26, 2018
    risk 0.57cvss 8.8epss 0.02

    WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple heap-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files.

  • CVE-2018-10602HigSep 26, 2018
    risk 0.57cvss 8.8epss 0.02

    WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files.

  • CVE-2017-6037HigApr 27, 2017
    risk 0.57cvss 8.8epss 0.02

    A Heap-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. This vulnerability causes a buffer overflow when a maliciously crafted project file is run by the system.

  • CVE-2017-6035HigApr 27, 2017
    risk 0.57cvss 8.8epss 0.02

    A Stack-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. This vulnerability causes a buffer overflow, which could result in denial of service when a malicious project file is run on the system.

  • CVE-2017-16717HigDec 20, 2017
    risk 0.56cvss 8.6epss 0.02

    A Heap-based Buffer Overflow issue was discovered in WECON LeviStudio HMI. The heap-based buffer overflow vulnerability has been identified, which may allow remote code execution.

  • CVE-2016-5781HigJul 12, 2016
    risk 0.52cvss 7.8epss 0.15

    Stack-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file.

  • CVE-2016-4533HigJul 12, 2016
    risk 0.52cvss 7.8epss 0.13

    Heap-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file.

  • CVE-2021-23157HigJan 14, 2022
    risk 0.51cvss 7.8epss 0.08

    WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code.

  • CVE-2021-23138HigJan 14, 2022
    risk 0.51cvss 7.8epss 0.09

    WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code.

  • CVE-2021-43983HigDec 13, 2021
    risk 0.51cvss 7.8epss 0.03

    WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code.

  • CVE-2021-42707HigNov 22, 2021
    risk 0.51cvss 7.8epss 0.01

    PLC Editor Versions 1.3.8 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code.

  • CVE-2021-42705HigNov 22, 2021
    risk 0.51cvss 7.8epss 0.01

    PLC Editor Versions 1.3.8 and prior is vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code.

  • CVE-2020-25199HigDec 9, 2020
    risk 0.51cvss 7.8epss 0.01

    A heap-based buffer overflow vulnerability exists within the WECON LeviStudioU Release Build 2019-09-21 and prior when processing project files. Opening a specially crafted project file could allow an attacker to exploit and execute code under the privileges of the application.

  • CVE-2019-6541HigFeb 13, 2019
    risk 0.51cvss 7.8epss 0.02

    A memory corruption vulnerability has been identified in WECON LeviStudioU version 1.8.56 and prior, which may allow arbitrary code execution. Mat Powell, Ziad Badawi, and Natnael Samson working with Trend Micro's Zero Day Initiative, reported these vulnerabilities to NCCIC.

  • CVE-2019-6539HigFeb 13, 2019
    risk 0.51cvss 7.8epss 0.02

    Several heap-based buffer overflow vulnerabilities in WECON LeviStudioU version 1.8.56 and prior have been identified, which may allow arbitrary code execution. Mat Powell, Ziad Badawi, and Natnael Samson working with Trend Micro's Zero Day Initiative, reported these…

  • CVE-2019-6537HigFeb 13, 2019
    risk 0.51cvss 7.8epss 0.02

    Multiple stack-based buffer overflow vulnerabilities in WECON LeviStudioU version 1.8.56 and prior may be exploited when parsing strings within project files. The process does not properly validate the length of user-supplied data prior to copying it to a fixed-length…

  • CVE-2018-14792MedSep 19, 2018
    risk 0.41cvss 6.3epss 0.01

    WECON PLC Editor version 1.3.3U may allow an attacker to execute code under the current process when processing project files.

  • CVE-2018-17889MedOct 8, 2018
    risk 0.35cvss 5.3epss 0.01

    In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior when parsing project files, the XMLParser that ships with Wecon PIStudio is vulnerable to a XML external entity injection attack, which may allow sensitive information…

  • CVE-2018-7527MedApr 26, 2018
    risk 0.35cvss 5.3epss 0.01

    A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior by opening a specially crafted file.