CVE-2024-47135

Name of the Vulnerable Software and Affected Versions Kostac PLC Programming Software versions 1.6.14.0 and earlier

Description A stack-based buffer overflow vulnerability exists in the parsing of KPP project files. Having a user open a specially crafted project file may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure.

Recommendations For Kostac PLC Programming Software versions 1.6.14.0 and earlier, update to a version later than 1.6.14.0 to resolve the issue. As a temporary workaround, consider restricting the use of KPP project files until a patch is available. Avoid opening specially crafted project files to minimize the risk of exploitation.