PT-2021-2651 · Fatek Automation · Winproladder

Francis Provencher

Published

2021-04-08

Updated

2021-04-22

CVE-2021-27486

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions FATEK Automation WinProladder versions 3.30 and prior

Description The issue is caused by an integer underflow, which may lead to an out-of-bounds write. This could allow an attacker to execute arbitrary code.

Recommendations For versions 3.30 and prior, update to a version that fixes the integer underflow issue to prevent potential code execution by attackers.

Fix

Integer Underflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-191

Related Identifiers

BDU:2021-02180

CVE-2021-27486

Affected Products

Winproladder

PT-2021-2651 · Fatek Automation · Winproladder

CVE-2021-27486

Weakness Enumeration

Related Identifiers

Affected Products

References · 5