RSS   Vulnerabilities for 'Pi studio hmi'   RSS

2018-10-08
 
CVE-2018-17889

CWE-611
 

 
In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior when parsing project files, the XMLParser that ships with Wecon PIStudio is vulnerable to a XML external entity injection attack, which may allow sensitive information disclosure.

 
 
CVE-2018-14818

CWE-119
 

 
WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution.

 
 
CVE-2018-14810

CWE-787
 

 
WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior parse files and pass invalidated user data to an unsafe method call, which may allow code to be executed in the context of an administrator.

 

 >>> Vendor: We-con 9 Products
Levi studio hmi editor
Levi studio hmi
Levistudio hmi editor firmware
Levistudio hmi editor
Levistudiou
Pi studio hmi project programmer
Plc editor
Pi studio
Pi studio hmi


Copyright 2019, cxsecurity.com

 

Back to Top