First published: Fri Oct 15 2021
FATEK Automation Communication Server versions 1.13 and prior lack proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Fatek Communication Server | <=1.13 | |
Fatek Communication Server Firmware | <=1.13 | |
CVE-2021-38432 is considered a critical vulnerability due to its potential for remote code execution.
To fix CVE-2021-38432, upgrade the FATEK Automation Communication Server to version 1.14 or later.
CVE-2021-38432 is a stack-based buffer overflow vulnerability.
CVE-2021-38432 affects FATEK Automation Communication Server versions up to 1.13.
The potential impacts of CVE-2021-38432 include unauthorized remote code execution and system compromise.