Vulnerabilities > CVE-2019-13520 - Out-of-bounds Write vulnerability in Fujielectric Alpha5 Smart Loader Firmware

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

fujielectric

CWE-787

NVD

Published: 2019-08-20

Updated: 2020-10-16

Summary

Multiple buffer overflow issues have been identified in Alpha5 Smart Loader: All versions prior to 4.2. An attacker could use specially crafted project files to overflow the buffer and execute code under the privileges of the application.

Vulnerable Configurations

Part	Description	Count
OS	Fujielectric Fujielectric Alpha5 Smart Loader Firmware *	1
Hardware	Fujielectric Fujielectric Alpha5 Smart Loader -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.us-cert.gov/ics/advisories/icsa-19-227-02
https://www.zerodayinitiative.com/advisories/ZDI-19-798/
https://www.zerodayinitiative.com/advisories/ZDI-19-820/