ID

VAR-201702-0419


CVE

CVE-2016-5798


TITLE

Fatek Automation PM Designer V3 and FV Designer Vulnerable to stack-based buffer overflow

Trust: 0.8

sources: JVNDB: JVNDB-2016-007657

DESCRIPTION

An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. By sending additional valid packets, an attacker could trigger a stack-based buffer overflow and cause a crash. Also, a malicious attacker can trigger a remote buffer overflow on the Fatek Communication Server. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Fatek Automation PM Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within parsing of a pm3 file. A malformed file can lead to heap memory corruption. A remote attacker can leverage this vulnerability to cause arbitrary code execution in the context of the user. Multiple Fatek Automation products are prone to multiple remote code-execution vulnerabilities because they fail to perform adequate boundary checks on user-supplied input. Failed exploit attempts will likely result in denial-of-service conditions.

Trust: 3.15

sources: NVD: CVE-2016-5798 // JVNDB: JVNDB-2016-007657 // ZDI: ZDI-16-525 // ZDI: ZDI-16-634 // BID: 93105

AFFECTED PRODUCTS

vendor: fatek, model: automation pm designer, scope: eq, version: 2.1.2.2

Trust: 1.9

vendor: fatek, model: automation fv designer, scope: eq, version: 1.2.8.0

Trust: 1.9

vendor: fatek automation, model: fv designer, scope: eq, version: 1.2.8.0

Trust: 0.8

vendor: fatek automation, model: pm designer, scope: eq, version: v3 2.1.2.2

Trust: 0.8

vendor: fatek automation, model: pm designer, scope: -, version: -

Trust: 0.7

vendor: fatek automation, model: fvdesigner, scope: -, version: -

Trust: 0.7

sources: ZDI: ZDI-16-525 // ZDI: ZDI-16-634 // BID: 93105 // JVNDB: JVNDB-2016-007657 // CNNVD: CNNVD-201610-436 // NVD: CVE-2016-5798

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-5798
value: HIGH

Trust: 1.0

NVD: CVE-2016-5798
value: HIGH

Trust: 0.8

ZDI: ZDI-16-525
value: MEDIUM

Trust: 0.7

ZDI: CVE-2016-5798
value: HIGH

Trust: 0.7

CNNVD: CNNVD-201610-436
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2016-5798
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: ZDI-16-525
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

ZDI: CVE-2016-5798
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

nvd@nist.gov: CVE-2016-5798
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: ZDI: ZDI-16-525 // ZDI: ZDI-16-634 // JVNDB: JVNDB-2016-007657 // CNNVD: CNNVD-201610-436 // NVD: CVE-2016-5798

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2016-007657 // NVD: CVE-2016-5798

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201610-436

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201610-436

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-007657

PATCH

title: Top Page, url: http://www.fatek.com/en/

Trust: 0.8

title: Fatek Automation has issued an update to correct this vulnerability., url: https://ics-cert.us-cert.gov/advisories/ICSA-16-287-06

Trust: 0.7

sources: ZDI: ZDI-16-634 // JVNDB: JVNDB-2016-007657

EXTERNAL IDS

db: NVD, id: CVE-2016-5798

Trust: 3.4

db: ICS CERT, id: ICSA-16-287-06

Trust: 2.7

db: BID, id: 93105

Trust: 1.9

db: ZDI, id: ZDI-16-525

Trust: 1.0

db: JVNDB, id: JVNDB-2016-007657

Trust: 0.8

db: ZDI_CAN, id: ZDI-CAN-3586

Trust: 0.7

db: ZDI_CAN, id: ZDI-CAN-3676

Trust: 0.7

db: ZDI, id: ZDI-16-634

Trust: 0.7

db: CNNVD, id: CNNVD-201610-436

Trust: 0.6

sources: ZDI: ZDI-16-525 // ZDI: ZDI-16-634 // BID: 93105 // JVNDB: JVNDB-2016-007657 // CNNVD: CNNVD-201610-436 // NVD: CVE-2016-5798

REFERENCES

url:https://ics-cert.us-cert.gov/advisories/icsa-16-287-06

Trust: 3.4

url:http://www.securityfocus.com/bid/93105

Trust: 1.6

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5798

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5798

Trust: 0.8

url:http://www.fatek.com/en/

Trust: 0.3

url:http://www.zerodayinitiative.com/advisories/zdi-16-525/

Trust: 0.3

sources: ZDI: ZDI-16-634 // BID: 93105 // JVNDB: JVNDB-2016-007657 // CNNVD: CNNVD-201610-436 // NVD: CVE-2016-5798

CREDITS

Ariele Caltabiano (kimiya)

Trust: 1.4

sources: ZDI: ZDI-16-525 // ZDI: ZDI-16-634

SOURCES

db: ZDI, id: ZDI-16-525
db: ZDI, id: ZDI-16-634
db: BID, id: 93105
db: JVNDB, id: JVNDB-2016-007657
db: CNNVD, id: CNNVD-201610-436
db: NVD, id: CVE-2016-5798

LAST UPDATE DATE

2025-04-20T23:13:18.794000+00:00


SOURCES UPDATE DATE

db: ZDI, id: ZDI-16-525, date: 2016-09-21T00:00:00
db: ZDI, id: ZDI-16-634, date: 2016-12-14T00:00:00
db: BID, id: 93105, date: 2016-10-26T09:08:00
db: JVNDB, id: JVNDB-2016-007657, date: 2017-03-09T00:00:00
db: CNNVD, id: CNNVD-201610-436, date: 2016-10-17T00:00:00
db: NVD, id: CVE-2016-5798, date: 2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db: ZDI, id: ZDI-16-525, date: 2016-09-21T00:00:00
db: ZDI, id: ZDI-16-634, date: 2016-12-14T00:00:00
db: BID, id: 93105, date: 2016-09-21T00:00:00
db: JVNDB, id: JVNDB-2016-007657, date: 2017-03-09T00:00:00
db: CNNVD, id: CNNVD-201610-436, date: 2016-09-21T00:00:00
db: NVD, id: CVE-2016-5798, date: 2017-02-13T21:59:00.267