CVE-2021-32939

EPSS 1.6%CWE-787

FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a project file that may permit arbitrary code execution.

Produtos afetados

n/a · FATEK Automation FvDesigner

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://us-cert.cisa.gov/ics/advisories/icsa-21-217-02 https://www.zerodayinitiative.com/advisories/ZDI-21-1028/