Skip to content

CVE-2023-28728 | Control FPWIN Pro

A stack-based buffer overflow in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files..This CVE has a CVSS3.1 score of 7.8 and a Base Severity of HIGH.

InfoDetails
CVE IDCVE-2023-28728
CVE StatePUBLISHED
BaseScore7.8
BaseSeverityHIGH
VectorStringCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
VersionNA

References for CVE-2023-28728 :
https://industry.panasonic.eu/factory-automation/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro

Metric TypeMetric Score
AttackVector(AV)LOCAL
AttackComplexity(AC)LOW
PrivilegesRequired(PR)NONE
UserInteraction(UI)REQUIRED
Scope(S)UNCHANGED
Confidentiality(C)HIGH
Availability(A)HIGH
Integrity(I)HIGH