1.6.9.0

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

jtekt

CWE-787

NVD

Published: 2024-10-03

Updated: 2024-10-15

Summary

Stack-based buffer overflow vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files.

Vulnerable Configurations

Part	Description	Count
Application	Jtekt Jtekt Kostac PLC - Jtekt Kostac PLC 1.6.9.0 Jtekt Kostac PLC 1.6.10.0 Jtekt Kostac PLC 1.6.11.0	4

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References