Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-38483 | 1 Fanuc | 1 Roboguide | 2022-10-17 | 3.3 LOW | 5.7 MEDIUM |
The affected product is vulnerable to misconfigured binaries, allowing users on the target PC with SYSTEM level privileges access to overwrite the binary and modify files to gain privilege escalation. | |||||
CVE-2021-43933 | 1 Fanuc | 1 Roboguide | 2022-10-17 | 4.3 MEDIUM | 5.9 MEDIUM |
The affected product is vulnerable to a network-based attack by threat actors sending unimpeded requests to the receiving server, which could cause a denial-of-service condition due to lack of heap memory resources. | |||||
CVE-2021-43990 | 1 Fanuc | 1 Roboguide | 2022-10-17 | 2.6 LOW | 5.3 MEDIUM |
The affected product is vulnerable to a network-based attack by threat actors supplying a crafted, malicious XML payload designed to trigger an external entity reference call. | |||||
CVE-2021-43988 | 1 Fanuc | 1 Roboguide | 2022-10-17 | 4.3 MEDIUM | 5.9 MEDIUM |
The affected product is vulnerable to a network-based attack by threat actors utilizing crafted naming conventions of files to gain unauthorized access rights. | |||||
CVE-2021-43986 | 1 Fanuc | 1 Roboguide | 2022-10-17 | 4.4 MEDIUM | 7.0 HIGH |
The setup program for the affected product configures its files and folders with full access, which may allow unauthorized users permission to replace original binaries and achieve privilege escalation. |