Sign-up

ID

VAR-202103-0434


CVE

CVE-2021-22662


TITLE

Fatek Automation FvDesigner FPJ File Parsing Use-After-Free Remote Code Execution Vulnerability

Trust: 2.1

sources: ZDI: ZDI-21-258 // ZDI: ZDI-21-257 // ZDI: ZDI-21-256

DESCRIPTION

A use after free issue has been identified in Fatek FvDesigner Version 1.5.76 and prior in the way the application processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of FPJ files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Fatek FvDesigner is a software tool for designing and developing FATEK FV HMI series product projects. The way Fatek FvDesigner 1.5.76 and earlier versions handle project files has a reuse vulnerability after release

Trust: 3.33

sources: NVD: CVE-2021-22662 // ZDI: ZDI-21-258 // ZDI: ZDI-21-257 // ZDI: ZDI-21-256 // CNVD: CNVD-2021-16379

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-16379

AFFECTED PRODUCTS

vendor:fatek automationmodel:fvdesignerscope: - version: -

Trust: 2.1

vendor:fatekmodel:fvdesignerscope:lteversion:1.5.76

Trust: 1.0

vendor:fatekmodel:fvdesignerscope:lteversion:<=1.5.76

Trust: 0.6

sources: ZDI: ZDI-21-258 // ZDI: ZDI-21-257 // ZDI: ZDI-21-256 // CNVD: CNVD-2021-16379 // NVD: CVE-2021-22662

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2021-22662
value: HIGH

Trust: 2.1

nvd@nist.gov: CVE-2021-22662
value: HIGH

Trust: 1.0

CNVD: CNVD-2021-16379
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202102-1649
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2021-22662
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2021-16379
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

ZDI: CVE-2021-22662
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 2.1

nvd@nist.gov: CVE-2021-22662
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: ZDI: ZDI-21-258 // ZDI: ZDI-21-257 // ZDI: ZDI-21-256 // CNVD: CNVD-2021-16379 // CNNVD: CNNVD-202102-1649 // NVD: CVE-2021-22662

PROBLEMTYPE DATA

problemtype:CWE-416

Trust: 1.0

sources: NVD: CVE-2021-22662

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202102-1649

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202102-1649

PATCH

title:Fatek Automation has issued an update to correct this vulnerability.url:https://us-cert.cisa.gov/ics/advisories/icsa-21-056-02

Trust: 2.1

sources: ZDI: ZDI-21-258 // ZDI: ZDI-21-257 // ZDI: ZDI-21-256

EXTERNAL IDS

db:NVDid:CVE-2021-22662

Trust: 4.3

db:ICS CERTid:ICSA-21-056-02

Trust: 2.2

db:ZDIid:ZDI-21-258

Trust: 1.3

db:ZDI_CANid:ZDI-CAN-11997

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-11996

Trust: 0.7

db:ZDIid:ZDI-21-257

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-11995

Trust: 0.7

db:ZDIid:ZDI-21-256

Trust: 0.7

db:CNVDid:CNVD-2021-16379

Trust: 0.6

db:AUSCERTid:ESB-2021.0711

Trust: 0.6

db:CNNVDid:CNNVD-202102-1649

Trust: 0.6

sources: ZDI: ZDI-21-258 // ZDI: ZDI-21-257 // ZDI: ZDI-21-256 // CNVD: CNVD-2021-16379 // CNNVD: CNNVD-202102-1649 // NVD: CVE-2021-22662

REFERENCES

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-056-02

Trust: 4.3

url:https://www.zerodayinitiative.com/advisories/zdi-21-258/

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-22662

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0711

Trust: 0.6

sources: ZDI: ZDI-21-258 // ZDI: ZDI-21-257 // ZDI: ZDI-21-256 // CNVD: CNVD-2021-16379 // CNNVD: CNNVD-202102-1649 // NVD: CVE-2021-22662

CREDITS

Francis Provencher {PRL}

Trust: 2.1

sources: ZDI: ZDI-21-258 // ZDI: ZDI-21-257 // ZDI: ZDI-21-256

SOURCES

db:ZDIid:ZDI-21-258
db:ZDIid:ZDI-21-257
db:ZDIid:ZDI-21-256
db:CNVDid:CNVD-2021-16379
db:CNNVDid:CNNVD-202102-1649
db:NVDid:CVE-2021-22662

LAST UPDATE DATE

2024-11-23T22:25:10.347000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-21-258date:2021-02-26T00:00:00
db:ZDIid:ZDI-21-257date:2021-02-26T00:00:00
db:ZDIid:ZDI-21-256date:2021-02-26T00:00:00
db:CNVDid:CNVD-2021-16379date:2021-03-22T00:00:00
db:CNNVDid:CNNVD-202102-1649date:2021-03-10T00:00:00
db:NVDid:CVE-2021-22662date:2024-11-21T05:50:25.753

SOURCES RELEASE DATE

db:ZDIid:ZDI-21-258date:2021-02-26T00:00:00
db:ZDIid:ZDI-21-257date:2021-02-26T00:00:00
db:ZDIid:ZDI-21-256date:2021-02-26T00:00:00
db:CNVDid:CNVD-2021-16379date:2021-03-10T00:00:00
db:CNNVDid:CNNVD-202102-1649date:2021-02-25T00:00:00
db:NVDid:CVE-2021-22662date:2021-03-03T17:15:12.427