PatchSiren

CVE-2016-5796 Fatek CVE debrief

CVE-2016-5796 is a memory-corruption flaw in Fatek Automation PM Designer V3 2.1.2.2 and Automation FV Designer 1.2.8.0. According to the public record, sending additional valid packets can trigger a crash or potentially arbitrary code execution. NVD scores the issue HIGH (8.8) and maps it to CWE-119.

Vendor: Fatek
Product: CVE-2016-5796
CVSS: HIGH 8.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-13
Original CVE updated: 2026-05-13
Advisory published: 2017-02-13
Advisory updated: 2026-05-13

Who should care

Organizations that use Fatek engineering/design software, especially OT/ICS teams, automation engineers, and IT admins supporting those workstations.

Technical summary

The official record describes an improper restriction of operations within the bounds of a memory buffer (CWE-119). NVD lists affected CPEs for Automation FV Designer 1.2.8.0 and Automation PM Designer V3 2.1.2.2, with a CVSS v3.0 vector of AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The public description does not spell out every precondition, but the vector indicates a network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), and required user interaction (UI:R), with high impact on confidentiality, integrity, and availability.

Defensive priority

High. The issue can lead to denial of service and possible code execution in engineering software used in industrial environments.

Recommended defensive actions

  • Identify whether Automation PM Designer V3 2.1.2.2 or Automation FV Designer 1.2.8.0 is installed anywhere in the environment.
  • Follow the vendor or ICS-CERT guidance referenced in the public advisory for remediation or mitigation steps.
  • Restrict network and workstation access to engineering tools so only trusted users and systems can reach them.
  • Monitor affected systems for unexplained crashes, abnormal packet handling, or unexpected process behavior.
  • Apply least privilege and isolate OT engineering workstations from untrusted networks where feasible.
  • Keep backups of project files and workstation images so affected systems can be rebuilt quickly if needed.

Evidence notes

NVD’s public record for CVE-2016-5796 identifies the issue as a buffer-bound restriction problem (CWE-119) and lists the CVSS v3.0 vector AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The record references ICS-CERT advisory ICSA-16-287-06 and SecurityFocus BID 93105, and the NVD CPE mappings name Fatek Automation FV Designer 1.2.8.0 and Automation PM Designer V3 2.1.2.2.

Official resources

Publicly disclosed in NVD/CVE on 2017-02-13; the NVD record also references ICS-CERT advisory ICSA-16-287-06.