ICSA-21-280-06 · Published 2021-10-07 · View on CISA ICS-CERT ↗

FATEK Automation WinProladder

CVSS 7.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities may allow arbitrary code execution, remote code execution, heap corruption, and unauthorized information disclosure.

CVEs (7)

CVE-2021-38438 CVE-2021-38426 CVE-2021-38434 CVE-2021-38430 CVE-2021-38436 CVE-2021-38442 CVE-2021-38440

Remediations

Do not click web links or open unsolicited attachments in email messages.
Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

Affected Vendors

FATEK Automation

Affected Products (1)

FATEK Automation · WinProladder <= 3.30

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more