CISA has published an advisory on stack-based buffer overflow and heap-based buffer overflow vulnerabilities in WECON PLC Editor. Versions 1.3.8 and prior are affected. Successful exploitation of these vulnerabilities could allow an attacker to execute code under the privileges of the application. WECON is aware of these vulnerabilities and is currently developing a solution. CISA also recommends a seried of measures to mitigate these vulnerabilities. Read the advisory at CISA.