First published: Tue Jan 05 2021(Updated: )
FPWIN Pro is vulnerable to an out-of-bounds read vulnerability when a user opens a maliciously crafted project file, which may allow an attacker to remotely execute arbitrary code.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Panasonic FPWIN Pro | <7.5.0.1 | |
Panasonic FPWIN Pro Version 7.5.0.0 and prior |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2020-16236.
The severity of CVE-2020-16236 is high with a CVSS score of 7.8.
The affected software is FPWIN Pro version up to 7.5.0.1 by Panasonic.
An attacker can exploit CVE-2020-16236 by tricking a user into opening a maliciously crafted project file, allowing them to execute arbitrary code remotely.
Yes, you can find more information about CVE-2020-16236 in the advisory published by CISA at the following link: https://us-cert.cisa.gov/ics/advisories/icsa-21-005-02