← back
CVE-2016-8377

CVE-2016-8377

EPSS 8.9%
An issue was discovered in Fatek Automation PLC WinProladder Version 3.11 Build 14701. A stack-based buffer overflow vulnerability exists when the software application connects to a malicious server, resulting in a stack buffer overflow. This causes an exploitable Structured Exception Handler (SEH) overwrite condition that may allow remote code execution.
Affected products
n/a · Fatek Automation PLC WinProladder 3.11 Build 14701
public PoCs found2
cve_referencewww.exploit-db.com/exploits/42700/unverifiedexploitdbwww.exploit-db.com/exploits/42700unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://ics-cert.us-cert.gov/advisories/ICSA-16-350-01https://www.exploit-db.com/exploits/42700/http://www.securityfocus.com/bid/94938