7.7.0.0

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

panasonic

CWE-787

NVD

Published: 2023-12-19

Updated: 2024-11-21

Summary

Stack-based buffer overflow in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file.

Vulnerable Configurations

Part	Description	Count
Application	Panasonic Panasonic Fpwin PRO - Panasonic Fpwin PRO 7.5.0.1 Panasonic Fpwin PRO 7.5.1.1 Panasonic Fpwin PRO 7.7.0.0	4

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://industry.panasonic.eu/products/automation-devices-solutions/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro
https://industry.panasonic.eu/products/automation-devices-solutions/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro