FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a memory-corruption condition. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://us-cert.cisa.gov/ics/advisories/icsa-21-280-06 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2021-10-18T12:39:07.705556Z
Updated: 2024-09-17T01:22:08.017Z
Reserved: 2021-08-10T00:00:00
Link: CVE-2021-38436
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-10-18T13:15:09.757
Modified: 2024-11-21T06:17:05.847
Link: CVE-2021-38436
Redhat
No data.