GCVE - cpe:2.3:a:fatek:winproladder:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:fatek:winproladder:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Fatek (`a0b6fb17-49e5-57c1-9627-b59bd2096847`)
Product	Winproladder (`59b424c9-000e-5c10-9a9e-dd1f24e9e110`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-43556`	vulnerable	2026-06-08 05:36:43.547329	FATEK Automation WinProladder HIGH (7.8) FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code. Published: 2021-12-28T18:17:39.233Z Updated: 2024-09-16T20:01:55.103Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-21-320-01 https://www.zerodayinitiative.com/advisories/ZDI-22-029/ https://www.zerodayinitiative.com/advisories/ZDI-22-032/ https://www.zerodayinitiative.com/advisories/ZDI-22-031/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-43554`	vulnerable	2026-06-08 05:36:43.545316	FATEK Automation WinProladder HIGH (7.8) FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code. Published: 2021-12-28T18:17:44.936Z Updated: 2024-09-16T17:38:43.627Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-21-320-01 https://www.zerodayinitiative.com/advisories/ZDI-22-030/ https://www.zerodayinitiative.com/advisories/ZDI-22-033/ https://www.zerodayinitiative.com/advisories/ZDI-22-028/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-38442`	vulnerable	2026-06-08 05:33:47.338419	FATEK Automation WinProladder HIGH (7.8) FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a heap-corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process. Published: 2021-10-18T12:38:40.737Z Updated: 2024-09-16T22:55:38.055Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-21-280-06	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-38440`	vulnerable	2026-06-08 05:33:47.336169	FATEK Automation WinProladder LOW (3.3) FATEK Automation WinProladder versions 3.30 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to read unauthorized information. Published: 2021-10-18T12:38:47.229Z Updated: 2024-09-17T04:09:30.941Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-21-280-06	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-38438`	vulnerable	2026-06-08 05:33:47.326967	FATEK Automation WinProladder HIGH (7.8) A use after free vulnerability in FATEK Automation WinProladder versions 3.30 and prior may be exploited when a valid user opens a malformed project file, which may allow arbitrary code execution. Published: 2021-10-18T12:39:01.079Z Updated: 2024-09-16T20:58:00.669Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-21-280-06	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-38436`	vulnerable	2026-06-08 05:33:47.326540	FATEK Automation WinProladder HIGH (7.8) FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a memory-corruption condition. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. Published: 2021-10-18T12:39:07.705Z Updated: 2024-09-17T01:22:08.017Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-21-280-06	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-38434`	vulnerable	2026-06-08 05:33:47.325302	FATEK Automation WinProladder HIGH (7.8) FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an unexpected sign extension. An attacker could leverage this vulnerability to execute arbitrary code. Published: 2021-10-18T12:38:53.598Z Updated: 2024-09-16T22:39:58.739Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-21-280-06	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-38430`	vulnerable	2026-06-08 05:33:47.317954	FATEK Automation WinProladder HIGH (7.8) FATEK Automation WinProladder versions 3.30 and prior proper validation of user-supplied data when parsing project files, which could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code. Published: 2021-10-18T12:38:28.447Z Updated: 2024-09-16T16:53:33.583Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-21-280-06	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-38426`	vulnerable	2026-06-08 05:33:47.309497	FATEK Automation WinProladder HIGH (7.8) FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code. Published: 2021-10-18T12:38:33.374Z Updated: 2024-09-16T20:03:40.188Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-21-280-06	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-32992`	vulnerable	2026-06-08 05:32:08.367392	Details available FATEK Automation WinProladder Versions 3.30 and prior do not properly restrict operations within the bounds of a memory buffer, which may allow an attacker to execute arbitrary code. Published: 2021-06-29T14:50:38.000Z Updated: 2024-08-03T23:42:19.103Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-21-175-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-32990`	vulnerable	2026-06-08 05:32:08.366667	Details available FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code. Published: 2021-06-29T14:50:23.000Z Updated: 2024-08-03T23:42:19.117Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-21-175-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-32988`	vulnerable	2026-06-08 05:32:08.363831	Details available FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code. Published: 2021-06-29T14:50:51.000Z Updated: 2024-08-03T23:42:19.083Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-21-175-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-27486`	vulnerable	2026-06-08 05:31:21.687857	Details available FATEK Automation WinProladder Versions 3.30 and prior is vulnerable to an integer underflow, which may cause an out-of-bounds write and allow an attacker to execute arbitrary code. Published: 2021-04-12T14:36:05.000Z Updated: 2024-08-03T21:26:08.941Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-21-098-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-16234`	vulnerable	2026-06-08 05:19:27.806988	FATEK Automation PLC WinProladder In PLC WinProladder Version 3.28 and prior, a stack-based buffer overflow vulnerability can be exploited when a valid user opens a specially crafted file, which may allow an attacker to remotely execute arbitrary code. Published: 2020-09-30T20:44:31.000Z Updated: 2024-08-04T13:37:53.800Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-20-254-02	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.