CVE-2018-14792

MEDIUM

WECON PLC Editor <1.3.3U - Code Injection

Title source: llm
STIX 2.1

Description

WECON PLC Editor version 1.3.3U may allow an attacker to execute code under the current process when processing project files.

References (1)

Core 1
Core References
Third Party Advisory, US Government Resource, VDB Entry x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-18-261-01

Scores

CVSS v3 6.3
EPSS 0.0135
EPSS Percentile 67.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Details

CWE
CWE-119 CWE-121
Status published
Products (1)
we-con/plc_editor 1.3.3u
Published Sep 19, 2018
Tracked Since Feb 18, 2026