Vulnerabilities > CVE-2021-38434 - Unspecified vulnerability in Fatek Winproladder 3.28/3.30

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
fatek

Summary

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an unexpected sign extension. An attacker could leverage this vulnerability to execute arbitrary code.

Vulnerable Configurations

Part Description Count
Application
Fatek
3