CVE-2024-47134

Name of the Vulnerable Software and Affected Versions Kostac PLC Programming Software versions 1.6.14.0 and earlier

Description An out-of-bounds write vulnerability exists in the parsing of KPP project files. If a user opens a specially crafted project file saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier, it may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure.

Recommendations For Kostac PLC Programming Software versions 1.6.14.0 and earlier, update to a version later than 1.6.14.0 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.