VAR-202108-0789
Vulnerability from variot - Updated: 2023-12-18 10:47An uninitialized pointer in FATEK Automation FvDesigner, Versions 1.5.88 and prior may be exploited while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. FATEK Automation Provided by the company FvDesigner Is FATEK FVHMI A software tool used to design and develop series product projects. FvDesigner The following multiple vulnerabilities exist in. * Uninitialized pointer access ( CWE-824 ) - CVE-2021-32931 ‥ * Stack-based buffer overflow ( CWE-121 ) - CVE-2021-32947 ‥ * Out-of-bounds writing ( CWE-787 ) - CVE-2021-32939The expected impact depends on each vulnerability, but it may be affected as follows. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of FPJ files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. FATEK Automation FvDesigner is a human-computer interaction device of FATEK Automation.
FATEK Automation FvDesigner 1.5.88 and earlier versions have a buffer overflow vulnerability. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202108-0789",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fvdesigner",
"scope": null,
"trust": 1.4,
"vendor": "fatek automation",
"version": null
},
{
"model": "fvdesigner",
"scope": "lte",
"trust": 1.0,
"vendor": "fatek",
"version": "1.5.88"
},
{
"model": "fvdesigner",
"scope": "eq",
"trust": 0.8,
"vendor": "fatek automation",
"version": null
},
{
"model": "fvdesigner",
"scope": "lte",
"trust": 0.8,
"vendor": "fatek automation",
"version": "1.5.88 and earlier"
},
{
"model": "automation fvdesigner",
"scope": "lte",
"trust": 0.6,
"vendor": "fatek",
"version": "\u003c=1.5.88"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1030"
},
{
"db": "ZDI",
"id": "ZDI-21-1027"
},
{
"db": "CNVD",
"id": "CNVD-2021-70167"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002266"
},
{
"db": "NVD",
"id": "CVE-2021-32931"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:fatek:fvdesigner:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.5.88",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-32931"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1030"
},
{
"db": "ZDI",
"id": "ZDI-21-1027"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-490"
}
],
"trust": 2.0
},
"cve": "CVE-2021-32931",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2021-70167",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2021-32931",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2021-32931",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.4,
"userInteraction": "REQUIRED",
"vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2021-002266",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2021-32931",
"trust": 1.4,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-32931",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2021-002266",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-70167",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202108-490",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-32931",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1030"
},
{
"db": "ZDI",
"id": "ZDI-21-1027"
},
{
"db": "CNVD",
"id": "CNVD-2021-70167"
},
{
"db": "VULMON",
"id": "CVE-2021-32931"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002266"
},
{
"db": "NVD",
"id": "CVE-2021-32931"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-490"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An uninitialized pointer in FATEK Automation FvDesigner, Versions 1.5.88 and prior may be exploited while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. FATEK Automation Provided by the company FvDesigner Is FATEK FVHMI A software tool used to design and develop series product projects. FvDesigner The following multiple vulnerabilities exist in. * Uninitialized pointer access ( CWE-824 ) - CVE-2021-32931 \u2025 * Stack-based buffer overflow ( CWE-121 ) - CVE-2021-32947 \u2025 * Out-of-bounds writing ( CWE-787 ) - CVE-2021-32939The expected impact depends on each vulnerability, but it may be affected as follows. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of FPJ files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. FATEK Automation FvDesigner is a human-computer interaction device of FATEK Automation. \n\r\n\r\nFATEK Automation FvDesigner 1.5.88 and earlier versions have a buffer overflow vulnerability. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-32931"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002266"
},
{
"db": "ZDI",
"id": "ZDI-21-1030"
},
{
"db": "ZDI",
"id": "ZDI-21-1027"
},
{
"db": "CNVD",
"id": "CNVD-2021-70167"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "VULMON",
"id": "CVE-2021-32931"
}
],
"trust": 4.05
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-32931",
"trust": 4.5
},
{
"db": "ICS CERT",
"id": "ICSA-21-217-02",
"trust": 2.5
},
{
"db": "ZDI",
"id": "ZDI-21-1030",
"trust": 2.4
},
{
"db": "ZDI",
"id": "ZDI-21-1027",
"trust": 2.4
},
{
"db": "JVN",
"id": "JVNVU99370832",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002266",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-13400",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-13388",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2021-70167",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2660",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021080604",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202108-490",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-32931",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1030"
},
{
"db": "ZDI",
"id": "ZDI-21-1027"
},
{
"db": "CNVD",
"id": "CNVD-2021-70167"
},
{
"db": "VULMON",
"id": "CVE-2021-32931"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002266"
},
{
"db": "NVD",
"id": "CVE-2021-32931"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-490"
}
]
},
"id": "VAR-202108-0789",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-70167"
}
],
"trust": 1.3767857000000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-70167"
}
]
},
"last_update_date": "2023-12-18T10:47:50.686000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Fatek Automation has issued an update to correct this vulnerability.",
"trust": 1.4,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-217-02"
},
{
"title": "Contact\u00a0Us",
"trust": 0.8,
"url": "https://www.fatek.com/en/contact_us.php"
},
{
"title": "Patch for FATEK Automation FvDesigner buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/290606"
},
{
"title": "FATEK Automation FvDesigner Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=158775"
},
{
"title": "CVE-2021-32931",
"trust": 0.1,
"url": "https://github.com/alaial90/cve-2021-32931 "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1030"
},
{
"db": "ZDI",
"id": "ZDI-21-1027"
},
{
"db": "CNVD",
"id": "CNVD-2021-70167"
},
{
"db": "VULMON",
"id": "CVE-2021-32931"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002266"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-490"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-824",
"trust": 1.0
},
{
"problemtype": "Stack-based buffer overflow (CWE-121) [ Other ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds writing (CWE-787) [ Other ]",
"trust": 0.8
},
{
"problemtype": " Accessing uninitialized pointers (CWE-824) [ Other ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-002266"
},
{
"db": "NVD",
"id": "CVE-2021-32931"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.5,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-217-02"
},
{
"trust": 2.3,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-1030/"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-1027/"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-32931"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu99370832"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021080604"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2660"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/824.html"
},
{
"trust": 0.1,
"url": "https://github.com/alaial90/cve-2021-32931"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1030"
},
{
"db": "ZDI",
"id": "ZDI-21-1027"
},
{
"db": "CNVD",
"id": "CNVD-2021-70167"
},
{
"db": "VULMON",
"id": "CVE-2021-32931"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002266"
},
{
"db": "NVD",
"id": "CVE-2021-32931"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-490"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-21-1030"
},
{
"db": "ZDI",
"id": "ZDI-21-1027"
},
{
"db": "CNVD",
"id": "CNVD-2021-70167"
},
{
"db": "VULMON",
"id": "CVE-2021-32931"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002266"
},
{
"db": "NVD",
"id": "CVE-2021-32931"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-490"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-27T00:00:00",
"db": "ZDI",
"id": "ZDI-21-1030"
},
{
"date": "2021-08-27T00:00:00",
"db": "ZDI",
"id": "ZDI-21-1027"
},
{
"date": "2021-09-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-70167"
},
{
"date": "2021-08-11T00:00:00",
"db": "VULMON",
"id": "CVE-2021-32931"
},
{
"date": "2021-08-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-002266"
},
{
"date": "2021-08-11T13:15:16.137000",
"db": "NVD",
"id": "CVE-2021-32931"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-08-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-490"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-27T00:00:00",
"db": "ZDI",
"id": "ZDI-21-1030"
},
{
"date": "2021-08-27T00:00:00",
"db": "ZDI",
"id": "ZDI-21-1027"
},
{
"date": "2021-09-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-70167"
},
{
"date": "2021-08-27T00:00:00",
"db": "VULMON",
"id": "CVE-2021-32931"
},
{
"date": "2021-08-10T07:08:00",
"db": "JVNDB",
"id": "JVNDB-2021-002266"
},
{
"date": "2021-09-21T18:16:46.977000",
"db": "NVD",
"id": "CVE-2021-32931"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-490"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-490"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fatek Automation FvDesigner FPJ File Parsing Uninitialized Pointer Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1030"
},
{
"db": "ZDI",
"id": "ZDI-21-1027"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…