CVE-2021-38434

Publication date

2021-10-18 12:38:53

Family

icscert

State

PUBLISHED

Description

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an unexpected sign extension. An attacker could leverage this vulnerability to execute arbitrary code.