First published: Mon Oct 18 2021(Updated: )
FATEK Automation WinProladder versions 3.30 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to read unauthorized information.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Fatek WinProladder | <=3.30 | |
Fatek Automation WinProladder | <=3.30 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-38440 has been classified as a medium severity vulnerability due to its potential for unauthorized information exposure.
To mitigate CVE-2021-38440, upgrade FATEK WinProladder to version 3.31 or later if available.
CVE-2021-38440 can be exploited through an attack that triggers an out-of-bounds read, allowing unauthorized access to information.
FATEK Automation WinProladder versions up to and including 3.30 are affected by CVE-2021-38440.
Yes, CVE-2021-38440 may be exploited remotely if the vulnerable software is exposed on the network.