CVE-2024-47134

Summary

Out-of-bounds write vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files.

Affected Software

VendorProductVersion RangeStatus
JTEKT ELECTRONICS CORPORATIONKostac PLC Programming Software (Former name: Koyo PLC Programming Software)1.6.14.0 and earlieraffected

Weaknesses

  • CWE-787: Out-of-bounds write

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References