Details of VAR-202110-0990

ID

VAR-202110-0990

CVE

CVE-2021-38440

TITLE

FATEK Automation WinProladder Out-of-bounds read vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-013907

DESCRIPTION

FATEK Automation WinProladder versions 3.30 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to read unauthorized information. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Fatek Automation WinProladder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of PDW files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. FATEK Automation WinProladder is a PLC of China FATEK Automation Company

Trust: 2.88

sources: NVD: CVE-2021-38440 // JVNDB: JVNDB-2021-013907 // ZDI: ZDI-21-1171 // CNVD: CNVD-2021-83601 // VULMON: CVE-2021-38440

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-83601

AFFECTED PRODUCTS

vendor:	fatek	model:	winproladder	scope:	lte	version:	3.30	Trust: 1.0
vendor:	fatek automation	model:	winproladder	scope:	eq	version:	-	Trust: 0.8
vendor:	fatek automation	model:	winproladder	scope:	lte	version:	3.30 and earlier	Trust: 0.8
vendor:	fatek automation	model:	winproladder	scope:	-	version:	-	Trust: 0.7
vendor:	fatek	model:	automation winproladder	scope:	lte	version:	<=3.30	Trust: 0.6

sources: ZDI: ZDI-21-1171 // CNVD: CNVD-2021-83601 // JVNDB: JVNDB-2021-013907 // NVD: CVE-2021-38440

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-38440
value:	LOW
Trust: 1.0
ics-cert@hq.dhs.gov:	CVE-2021-38440
value:	LOW
Trust: 1.0
NVD:	CVE-2021-38440
value:	LOW
Trust: 0.8
ZDI:	CVE-2021-38440
value:	LOW
Trust: 0.7
CNVD:	CNVD-2021-83601
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202110-403
value:	LOW
Trust: 0.6
VULMON:	CVE-2021-38440
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-38440
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2021-83601
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2021-38440
baseSeverity:	LOW
baseScore:	3.3
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	1.4
version:	3.1
Trust: 2.0
OTHER:	JVNDB-2021-013907
baseSeverity:	LOW
baseScore:	3.3
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2021-38440
baseSeverity:	LOW
baseScore:	3.3
vectorString:	AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	1.4
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-21-1171 // CNVD: CNVD-2021-83601 // VULMON: CVE-2021-38440 // JVNDB: JVNDB-2021-013907 // CNNVD: CNNVD-202110-403 // NVD: CVE-2021-38440 // NVD: CVE-2021-38440

PROBLEMTYPE DATA

problemtype:	CWE-125	Trust: 1.0
problemtype:	Out-of-bounds read (CWE-125) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-013907 // NVD: CVE-2021-38440

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202110-403

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202110-403

PATCH

title:	Top Page	url:	https://www.fatek.com/en	Trust: 0.8
title:	Fatek Automation has issued an update to correct this vulnerability.	url:	https://us-cert.cisa.gov/ics/advisories/icsa-21-280-06	Trust: 0.7
title:	FATEK Automation WinProladder Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=166185	Trust: 0.6

sources: ZDI: ZDI-21-1171 // JVNDB: JVNDB-2021-013907 // CNNVD: CNNVD-202110-403

EXTERNAL IDS

db:	NVD	id:	CVE-2021-38440	Trust: 4.6
db:	ICS CERT	id:	ICSA-21-280-06	Trust: 3.1
db:	ZDI	id:	ZDI-21-1171	Trust: 1.4
db:	JVN	id:	JVNVU93626160	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-013907	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-13744	Trust: 0.7
db:	CNVD	id:	CNVD-2021-83601	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3351	Trust: 0.6
db:	CS-HELP	id:	SB2021100805	Trust: 0.6
db:	CNNVD	id:	CNNVD-202110-403	Trust: 0.6
db:	VULMON	id:	CVE-2021-38440	Trust: 0.1

sources: ZDI: ZDI-21-1171 // CNVD: CNVD-2021-83601 // VULMON: CVE-2021-38440 // JVNDB: JVNDB-2021-013907 // CNNVD: CNNVD-202110-403 // NVD: CVE-2021-38440

REFERENCES

url:	https://us-cert.cisa.gov/ics/advisories/icsa-21-280-06	Trust: 3.6
url:	https://nvd.nist.gov/vuln/detail/cve-2021-38440	Trust: 1.4
url:	http://jvn.jp/vu/jvnvu93626160/index.html	Trust: 0.8
url:	https://www.cisa.gov/uscert/ics/advisories/icsa-21-280-06	Trust: 0.8
url:	https://www.zerodayinitiative.com/advisories/zdi-21-1171/	Trust: 0.7
url:	https://www.auscert.org.au/bulletins/esb-2021.3351	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021100805	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/125.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: ZDI: ZDI-21-1171 // CNVD: CNVD-2021-83601 // VULMON: CVE-2021-38440 // JVNDB: JVNDB-2021-013907 // CNNVD: CNNVD-202110-403 // NVD: CVE-2021-38440

CREDITS

xina1i

Trust: 0.7

sources: ZDI: ZDI-21-1171

SOURCES

db:	ZDI	id:	ZDI-21-1171
db:	CNVD	id:	CNVD-2021-83601
db:	VULMON	id:	CVE-2021-38440
db:	JVNDB	id:	JVNDB-2021-013907
db:	CNNVD	id:	CNNVD-202110-403
db:	NVD	id:	CVE-2021-38440

LAST UPDATE DATE

2024-08-14T13:23:18.609000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-21-1171	date:	2021-10-14T00:00:00
db:	CNVD	id:	CNVD-2021-83601	date:	2022-01-18T00:00:00
db:	VULMON	id:	CVE-2021-38440	date:	2021-10-21T00:00:00
db:	JVNDB	id:	JVNDB-2021-013907	date:	2022-09-29T07:06:00
db:	CNNVD	id:	CNNVD-202110-403	date:	2021-10-25T00:00:00
db:	NVD	id:	CVE-2021-38440	date:	2021-10-21T20:24:07.413

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-21-1171	date:	2021-10-14T00:00:00
db:	CNVD	id:	CNVD-2021-83601	date:	2021-10-07T00:00:00
db:	VULMON	id:	CVE-2021-38440	date:	2021-10-18T00:00:00
db:	JVNDB	id:	JVNDB-2021-013907	date:	2022-09-29T00:00:00
db:	CNNVD	id:	CNNVD-202110-403	date:	2021-10-07T00:00:00
db:	NVD	id:	CVE-2021-38440	date:	2021-10-18T13:15:09.880