CVE-2021-32931

EPSS 2.0%CWE-824

An uninitialized pointer in FATEK Automation FvDesigner, Versions 1.5.88 and prior may be exploited while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.

Produtos afetados

n/a · FATEK Automation FvDesigner

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://us-cert.cisa.gov/ics/advisories/icsa-21-217-02 https://www.zerodayinitiative.com/advisories/ZDI-21-1027/https://www.zerodayinitiative.com/advisories/ZDI-21-1030/