You are here

FATEK Automation PLC WinProladder (ICSA-20-254-02)

FATEK Automation PLC WinProladder (ICSA-20-254-02)

Created: Thursday, September 10, 2020 - 13:47
Categories:
Cyber Security

CISA has published an advisory on a stack-based buffer overflow vulnerability in FATEK Automation PLC WinProladder. Versions 3.28 and prior are affected. Successful exploitation of this vulnerability could crash the device being accessed; a buffer overflow condition may cause a denial-of-service event and remote code execution. FATEK has not responded to requests to work with CISA to mitigate this vulnerability. Users of these affected products who would like to see more responsible security are invited to contact Fatek customer support. CISA recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.