GCVE - cpe:2.3:a:jtekt_electronics_corporation:kostac_plc_programming_software_(former_name:_koyo_plc_programming

Approved changes feed: RSS · Atom

cpe:2.3:a:jtekt_electronics_corporation:kostac_plc_programming_software_(former_name:_koyo_plc_programming_software):*:*:*:*:*:*:*:*

part: a version: _koyo_plc_programming_software) update: *

Vendor	Jtekt Electronics Corporation (`a7c827ac-88e7-5206-9522-a4abe332b707`)
Product	Kostac Plc Programming Software (Former Name (`05add293-fe73-5b9b-8afe-0bf3e24f7782`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-47136`	vulnerable	2026-06-03 14:57:00.749615	Details available HIGH (7.8) Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files. Published: 2024-10-03T02:54:16.204Z Updated: 2024-10-03T15:29:25.895Z Open on db.gcve.eu Reference links https://www.electronics.jtekt.co.jp/en/topics/202410026928/ https://www.electronics.jtekt.co.jp/jp/topics/2024100217388/ https://jvn.jp/en/vu/JVNVU92808077/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-47135`	vulnerable	2026-06-03 14:57:00.748209	Details available HIGH (7.8) Stack-based buffer overflow vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files. Published: 2024-10-03T02:53:46.102Z Updated: 2024-10-03T15:32:41.172Z Open on db.gcve.eu Reference links https://www.electronics.jtekt.co.jp/en/topics/202410026928/ https://www.electronics.jtekt.co.jp/jp/topics/2024100217388/ https://jvn.jp/en/vu/JVNVU92808077/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-47134`	vulnerable	2026-06-03 14:57:00.745418	Details available HIGH (7.8) Out-of-bounds write vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files. Published: 2024-10-03T02:53:19.594Z Updated: 2024-10-03T15:34:44.845Z Open on db.gcve.eu Reference links https://www.electronics.jtekt.co.jp/en/topics/202410026928/ https://www.electronics.jtekt.co.jp/jp/topics/2024100217388/ https://jvn.jp/en/vu/JVNVU92808077/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-22424`	vulnerable	2026-06-03 14:49:19.043351	Details available Use-after-free vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.9.0 and earlier. With the abnormal value given as the maximum number of columns for the PLC program, the process accesses the freed memory. As a result, opening a specially crafted project file may lead to information disclosure and/or arbitrary code execution. Published: 2023-03-05T00:00:00.000Z Updated: 2025-03-07T15:48:36.711Z Open on db.gcve.eu Reference links https://www.electronics.jtekt.co.jp/en/topics/202303035258/ https://www.electronics.jtekt.co.jp/jp/topics/2023030313639/ https://jvn.jp/en/vu/JVNVU94966432/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-22421`	vulnerable	2026-06-03 14:49:19.042308	Details available Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.9.0 and earlier. The insufficient buffer size for the PLC program instructions leads to out-of-bounds read. As a result, opening a specially crafted project file may lead to information disclosure and/or arbitrary code execution. Published: 2023-03-05T00:00:00.000Z Updated: 2025-03-07T18:15:14.304Z Open on db.gcve.eu Reference links https://www.electronics.jtekt.co.jp/en/topics/202303035258/ https://www.electronics.jtekt.co.jp/jp/topics/2023030313639/ https://jvn.jp/en/vu/JVNVU94966432/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-22419`	vulnerable	2026-06-03 14:49:19.039793	Details available Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.9.0 and earlier. When processing a comment block in stage information, the end of data cannot be verified and out-of-bounds read occurs. As a result, opening a specially crafted project file may lead to information disclosure and/or arbitrary code execution. Published: 2023-03-05T00:00:00.000Z Updated: 2025-03-06T16:05:15.274Z Open on db.gcve.eu Reference links https://www.electronics.jtekt.co.jp/en/topics/202303035258/ https://www.electronics.jtekt.co.jp/jp/topics/2023030313639/ https://jvn.jp/en/vu/JVNVU94966432/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Kostac Plc Programming Software (Former Name

PURL mappings

Vulnerability references

Contribute