CVE-2016-5798

HIGH

Fatek PM Designer V3 <2.1.2.2 - Buffer Overflow

Title source: llm
STIX 2.1

Description

An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. By sending additional valid packets, an attacker could trigger a stack-based buffer overflow and cause a crash. Also, a malicious attacker can trigger a remote buffer overflow on the Fatek Communication Server.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/93105
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-16-287-06

Scores

CVSS v3 7.5
EPSS 0.0203
EPSS Percentile 78.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-119
Status published
Products (3)
fatek/automation_fv_designer 1.2.8.0
fatek/automation_pm_designer 2.1.2.2
n/a/Fatek Automation Designer 2.1.2.2 Fatek Automation Designer 2.1.2.2
Published Feb 13, 2017
Tracked Since Feb 18, 2026