What is the severity of CVE-2019-18236?

CVE-2019-18236 is classified as a high severity vulnerability due to its potential for remote code execution.

How do I fix CVE-2019-18236?

To fix CVE-2019-18236, it is recommended to update the PLC Editor to the latest version that addresses these buffer overflow vulnerabilities.

Who is affected by CVE-2019-18236?

CVE-2019-18236 affects users of WECON PLC Editor version 1.3.5-20190129.

What type of vulnerability is CVE-2019-18236?

CVE-2019-18236 involves multiple buffer overflow vulnerabilities that can allow attackers to execute arbitrary code.

Can CVE-2019-18236 be exploited remotely?

Yes, CVE-2019-18236 can be exploited remotely by an attacker using a specially crafted project file.

Vulnerability/
CVE-2019-18236

high

7.8

CWE

119 121

23/12/2019

5/8/2024

CVE-2019-18236: (0Day) WECON PLC Editor PLCDataCeter Port Buffer Overflow Remote Code Execution Vulnerability

First published: Mon Dec 23 2019(Updated: )

Multiple buffer overflow vulnerabilities exist when the PLC Editor Version 1.3.5_20190129 processes project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.

Credit: ics-cert@hq.dhs.gov

Affected Software	Affected Version	How to fix
WECON PLC Editor	=1.3.5-20190129

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2019-18236?
CVE-2019-18236 is classified as a high severity vulnerability due to its potential for remote code execution.
How do I fix CVE-2019-18236?
To fix CVE-2019-18236, it is recommended to update the PLC Editor to the latest version that addresses these buffer overflow vulnerabilities.
Who is affected by CVE-2019-18236?
CVE-2019-18236 affects users of WECON PLC Editor version 1.3.5-20190129.
What type of vulnerability is CVE-2019-18236?
CVE-2019-18236 involves multiple buffer overflow vulnerabilities that can allow attackers to execute arbitrary code.
Can CVE-2019-18236 be exploited remotely?
Yes, CVE-2019-18236 can be exploited remotely by an attacker using a specially crafted project file.

collector/nvd-index
agent/type
collector/mitre-cve
source/MITRE
agent/title
agent/references
agent/author
agent/weakness
agent/severity
agent/last-modified-date
agent/first-publish-date
agent/description
agent/softwarecombine
collector/zdi-advisory
source/ZDI
alias/ZDI-19-1034
alias/ZDI-CAN-9123
alias/CVE-2019-18236
agent/software-canonical-lookup
alias/ZDI-19-1033
alias/ZDI-CAN-9122
agent/event
agent/trending
agent/tags
agent/source
vendor/we-con
canonical/wecon plc editor
version/wecon plc editor/1.3.5-20190129
vendor/wecon

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.