Vulnerabilities > WE CON > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-27 | CVE-2018-14814 | Out-of-bounds Read vulnerability in We-Con PI Studio and PI Studio HMI WECON Technology PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior lacks proper validation of user-supplied data, which may result in a read past the end of an allocated object. | 6.5 |
| 2018-10-08 | CVE-2018-17889 | XXE vulnerability in We-Con PI Studio and PI Studio HMI In WECON Technology Co., Ltd. | 5.3 |
| 2018-09-19 | CVE-2018-14792 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in We-Con PLC Editor 1.3.3U WECON PLC Editor version 1.3.3U may allow an attacker to execute code under the current process when processing project files. | 6.3 |
| 2018-04-26 | CVE-2018-7527 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in We-Con products A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior by opening a specially crafted file. | 5.3 |