
468 vulnerabilities found for WebAccess by Advantech

VAR-201904-0181

Vulnerability from variot - Updated: 2025-12-22 23:55

Advantech WebAccess/SCADA, versions 8.3.5 and prior: multiple stack-based buffer overflow vulnerabilities, caused by a lack of proper validation of the length of user-supplied data, may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within BwSyncLg.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer overflow vulnerability exists in Advantech WebAccess/SCADA. The vulnerability arises because the network system or product does not correctly verify data boundaries when it performs operations on memory, resulting in erroneous read and write operations on other associated memory locations.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 9.8,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.3.5"
      },
      {
        "_id": null,
        "model": "webaccess/scada",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.5"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-322"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-311"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-329"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-325"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-313"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-316"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-320"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-318"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-312"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-321"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-315"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-319"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-323"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-309"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-08948"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6550"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Mat Powell of Trend Micro Zero Day Initiative",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-19-322"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-311"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-329"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-325"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-313"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-316"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-320"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-318"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-312"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-315"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-319"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-323"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-309"
      }
    ],
    "trust": 9.1
  },
  "cve": "CVE-2019-6550",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2019-6550",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2019-08948",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-157985",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "ZDI",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-6550",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 9.8,
            "userInteraction": "NONE",
            "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-6550",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2019-6550",
            "trust": 9.8,
            "value": "CRITICAL"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-6550",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-08948",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201904-089",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-157985",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-322"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-311"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-329"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-325"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-313"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-316"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-320"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-318"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-312"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-321"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-315"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-319"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-323"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-309"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-08948"
      },
      {
        "db": "VULHUB",
        "id": "VHN-157985"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-089"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6550"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow vulnerabilities, caused by a lack of proper validation of the length of user-supplied data, may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within BwSyncLg.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer overflow vulnerability exists in Advantech WebAccess/SCADA. This vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in execution to other associated memory locations. erroneous read and write operations",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-6550"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-318"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-309"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-323"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-319"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-315"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-321"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-322"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-312"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-320"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-316"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-313"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-325"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-329"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-311"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-08948"
      },
      {
        "db": "IVD",
        "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
      },
      {
        "db": "VULHUB",
        "id": "VHN-157985"
      }
    ],
    "trust": 10.53
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-6550",
        "trust": 12.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-092-01",
        "trust": 2.3
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-585",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-089",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-08948",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-7914",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-322",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-7899",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-311",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-7924",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-329",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-7927",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-325",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-7901",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-313",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-7904",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-316",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-7913",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-320",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-7910",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-318",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-7900",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-312",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-7920",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-321",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-7903",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-315",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-7912",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-319",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-7925",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-323",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-7885",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-309",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-330",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1113",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "107675",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "4D85A7A9-A091-4C59-84E6-73C8B6639498",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-157985",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-322"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-311"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-329"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-325"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-313"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-316"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-320"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-318"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-312"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-321"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-315"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-319"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-323"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-309"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-08948"
      },
      {
        "db": "VULHUB",
        "id": "VHN-157985"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-089"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6550"
      }
    ]
  },
  "id": "VAR-201904-0181",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-08948"
      },
      {
        "db": "VULHUB",
        "id": "VHN-157985"
      }
    ],
    "trust": 1.4466745799999998
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-08948"
      }
    ]
  },
  "last_update_date": "2025-12-22T23:55:40.719000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 6.3,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-091-01"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 3.5,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01"
      },
      {
        "title": "Patch for Advantech WebAccess/SCADA Buffer Overflow Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/157945"
      },
      {
        "title": "Advantech WebAccess/SCADA Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91013"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-19-322"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-311"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-329"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-325"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-313"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-316"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-320"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-318"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-312"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-321"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-315"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-319"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-323"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-309"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-08948"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-089"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-787",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-121",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-119",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-157985"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6550"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 6.3,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-091-01"
      },
      {
        "trust": 5.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-092-01"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-585/"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/bid/107675"
      },
      {
        "trust": 0.6,
        "url": "https://support.advantech.com/support/downloadsrdetail_new.aspx?sr_id=1-ms9mjv\u0026doc_source=download"
      },
      {
        "trust": 0.6,
        "url": "https://www.advantech.com/"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6550"
      },
      {
        "trust": 0.6,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-330/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/78318"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-19-322"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-311"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-329"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-325"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-313"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-316"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-320"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-318"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-312"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-321"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-315"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-319"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-323"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-309"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-08948"
      },
      {
        "db": "VULHUB",
        "id": "VHN-157985"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-089"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6550"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-322",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-311",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-329",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-325",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-313",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-316",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-320",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-318",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-312",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-321",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-315",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-319",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-323",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-309",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-08948",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-157985",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-089",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6550",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2019-04-03T00:00:00",
        "db": "IVD",
        "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-322",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-311",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-329",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-325",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-313",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-316",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-320",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-318",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-312",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-321",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-315",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-319",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-323",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-309",
        "ident": null
      },
      {
        "date": "2019-04-03T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-08948",
        "ident": null
      },
      {
        "date": "2019-04-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-157985",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201904-089",
        "ident": null
      },
      {
        "date": "2019-04-05T19:29:00.310000",
        "db": "NVD",
        "id": "CVE-2019-6550",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-322",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-311",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-329",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-325",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-313",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-316",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-320",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-318",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-312",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-321",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-315",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-319",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-323",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-309",
        "ident": null
      },
      {
        "date": "2019-04-03T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-08948",
        "ident": null
      },
      {
        "date": "2020-10-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-157985",
        "ident": null
      },
      {
        "date": "2020-10-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201904-089",
        "ident": null
      },
      {
        "date": "2024-11-21T04:46:40.660000",
        "db": "NVD",
        "id": "CVE-2019-6550",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-089"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess/SCADA Buffer Overflow Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-08948"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "Buffer error",
    "sources": [
      {
        "db": "IVD",
        "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-089"
      }
    ],
    "trust": 0.8
  }
}

VAR-201407-0233

Vulnerability from variot - Updated: 2025-12-22 23:54

Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the webdact.ocx ActiveX Control. The control does not check the length of an attacker-supplied ProjectName string before copying it into a fixed length buffer on the stack. This could allow an attacker to execute arbitrary code in the context of the browser process. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. The Advantech WebAccess webvact.ocx, dvs.ocx and webdact.ocx ActiveX controls fail to properly handle overly long values of the ProjectName, SetParameter, NodeName, CCDParameter, SetColor, AlarmImage, GetParameter, GetColor, ServerResponse, SetBaud and IPAddress parameters; an attacker can build a malicious web page and entice a user to visit it, which can crash the application or execute arbitrary code. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There are multiple stack-based buffer overflow vulnerabilities in Advantech WebAccess 7.1 and earlier versions.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 7.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7f00b0-463f-11e9-b5c5-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e485769a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-244"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-252"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-255"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-241"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-246"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-243"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-253"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-242"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-247"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-248"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-254"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04544"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-476"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003487"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2364"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003487"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Anonymous",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-252"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-255"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-246"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-253"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-247"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-248"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-254"
      }
    ],
    "trust": 4.9
  },
  "cve": "CVE-2014-2364",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ics-cert@hq.dhs.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-2364",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 10.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-04544",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "7d7f00b0-463f-11e9-b5c5-000c29342cb1",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "e485769a-2351-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-70303",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2014-2364",
            "trust": 7.7,
            "value": "HIGH"
          },
          {
            "author": "ics-cert@hq.dhs.gov",
            "id": "CVE-2014-2364",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-2364",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-2364",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-04544",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201407-476",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "7d7f00b0-463f-11e9-b5c5-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e485769a-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-70303",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7f00b0-463f-11e9-b5c5-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e485769a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-244"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-252"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-255"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-241"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-246"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-243"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-253"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-242"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-247"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-248"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-254"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04544"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70303"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-476"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003487"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2364"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2364"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the webdact.ocx ActiveX Control. The control does not check the length of an attacker-supplied ProjectName string before copying it into a fixed length buffer on the stack. This could allow an attacker to execute arbitrary code in the context of the browser process. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess webvact.ocx, dvs.ocx and webdact.ocx ActiveX controls fail to properly handle long-length named ProjectName, SetParameter, NodeName, CCDParameter, SetColor, AlarmImage, GetParameter, GetColor, ServerResponse, SetBaud and IPAddress parameters, and attackers can build malicious A WEB page that entice a user to access, can crash an application or execute arbitrary code. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There are multiple stack-based buffer overflow vulnerabilities in Advantech WebAccess 7.1 and earlier versions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-2364"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003487"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-243"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-254"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-248"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-247"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-242"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-253"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-246"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-241"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-255"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-252"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-244"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04544"
      },
      {
        "db": "IVD",
        "id": "e485769a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7f00b0-463f-11e9-b5c5-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70303"
      }
    ],
    "trust": 9.54
  },
  "exploit_availability": {
    "_id": null,
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-70303",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-70303"
      }
    ]
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-2364",
        "trust": 11.2
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-198-02",
        "trust": 3.1
      },
      {
        "db": "BID",
        "id": "68714",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-476",
        "trust": 1.1
      },
      {
        "db": "PACKETSTORM",
        "id": "128384",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04544",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003487",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2045",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-244",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2062",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-252",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2066",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-255",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2032",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-241",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2065",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-246",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2044",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-243",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2063",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-253",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2043",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-242",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2068",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-247",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2069",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-248",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2064",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-254",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "7D7F00B0-463F-11E9-B5C5-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "E485769A-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "EXPLOIT-DB",
        "id": "34757",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-70303",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7f00b0-463f-11e9-b5c5-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e485769a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-244"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-252"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-255"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-241"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-246"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-243"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-253"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-242"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-247"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-248"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-254"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04544"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70303"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-476"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003487"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2364"
      }
    ]
  },
  "id": "VAR-201407-0233",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "7d7f00b0-463f-11e9-b5c5-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e485769a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04544"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70303"
      }
    ],
    "trust": 1.53470696
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7f00b0-463f-11e9-b5c5-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e485769a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04544"
      }
    ]
  },
  "last_update_date": "2025-12-22T23:54:37.672000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 7.7,
        "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-198-02"
      },
      {
        "title": "Downloads ::: WebAccess Software",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/downloads.php?item=software"
      },
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "title": "Advantech WebAccess patch for multiple ActiveX control buffer overflow vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/47828"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-244"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-252"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-255"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-241"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-246"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-243"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-253"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-242"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-247"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-248"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-254"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04544"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003487"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-121",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-70303"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003487"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2364"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 10.8,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-198-02"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/68714"
      },
      {
        "trust": 1.1,
        "url": "http://packetstormsecurity.com/files/128384/advantech-webaccess-dvs.ocx-getcolor-buffer-overflow.html"
      },
      {
        "trust": 1.0,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-198-02"
      },
      {
        "trust": 1.0,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2364"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2364"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-244"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-252"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-255"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-241"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-246"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-243"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-253"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-242"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-247"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-248"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-254"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04544"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70303"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-476"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003487"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2364"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "7d7f00b0-463f-11e9-b5c5-000c29342cb1",
        "ident": null
      },
      {
        "db": "IVD",
        "id": "e485769a-2351-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-244",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-252",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-255",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-241",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-246",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-243",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-253",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-242",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-247",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-248",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-254",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04544",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-70303",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-476",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003487",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2364",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-07-24T00:00:00",
        "db": "IVD",
        "id": "7d7f00b0-463f-11e9-b5c5-000c29342cb1",
        "ident": null
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "IVD",
        "id": "e485769a-2351-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-244",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-252",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-255",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-241",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-246",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-243",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-253",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-242",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-247",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-248",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-254",
        "ident": null
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04544",
        "ident": null
      },
      {
        "date": "2014-07-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-70303",
        "ident": null
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-476",
        "ident": null
      },
      {
        "date": "2014-07-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003487",
        "ident": null
      },
      {
        "date": "2014-07-19T05:09:27.563000",
        "db": "NVD",
        "id": "CVE-2014-2364",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-244",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-252",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-255",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-241",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-246",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-243",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-253",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-242",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-247",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-248",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-254",
        "ident": null
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04544",
        "ident": null
      },
      {
        "date": "2015-08-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-70303",
        "ident": null
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-476",
        "ident": null
      },
      {
        "date": "2014-07-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003487",
        "ident": null
      },
      {
        "date": "2025-10-06T18:15:47.890000",
        "db": "NVD",
        "id": "CVE-2014-2364",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-476"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess Vulnerable to stack-based buffer overflow",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003487"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "7d7f00b0-463f-11e9-b5c5-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e485769a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-476"
      }
    ],
    "trust": 1.0
  }
}

VAR-201810-0396

Vulnerability from variot - Updated: 2025-12-22 23:54

Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabilities that have been identified, which may allow an attacker to execute arbitrary code. Advantech WebAccess contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Authentication is not required to exploit this vulnerability. The specific flaw exists within bwclient.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess software is the core of Advantech's IoT application platform solution, providing users with a user interface based on HTML5 technology to deliver a cross-platform, cross-browser data access experience. A stack buffer overflow vulnerability exists in Advantech WebAccess. Advantech WebAccess is prone to the following security vulnerabilities: 1. A directory-traversal vulnerability 3. An arbitrary-file-deletion vulnerability 4. This may aid in further attacks. Advantech WebAccess 8.3.1 and prior versions are vulnerable. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess node",
        "scope": null,
        "trust": 8.4,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.2"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3.3"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1311"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1312"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1308"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1310"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1314"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1307"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1302"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1298"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1313"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1303"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1304"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1309"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-21935"
      },
      {
        "db": "BID",
        "id": "105728"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1188"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011085"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-14816"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011085"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Mat Powell of Trend Micro Zero Day Initiative",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-1311"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1312"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1308"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1310"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1314"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1307"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1302"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1298"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1313"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1303"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1304"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1309"
      },
      {
        "db": "BID",
        "id": "105728"
      }
    ],
    "trust": 8.7
  },
  "cve": "CVE-2018-14816",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": null,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2018-14816",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 8.4,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-14816",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-21935",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-125013",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-14816",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2018-14816",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2018-14816",
            "trust": 8.4,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-14816",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-14816",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-21935",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201810-1188",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-125013",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1311"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1312"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1308"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1310"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1314"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1307"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1302"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1298"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1313"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1303"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1304"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1309"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-21935"
      },
      {
        "db": "VULHUB",
        "id": "VHN-125013"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1188"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011085"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-14816"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabilities that have been identified, which may allow an attacker to execute arbitrary code. Advantech WebAccess Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability.The specific flaw exists within bwclient.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech (Advantech) WebAccess software is the core of Advantech\u0027s IoT application platform solution, providing users with a user interface based on HTML5 technology to achieve cross-platform and cross-browser data access experience. A stack buffer overflow vulnerability exists in Advantech WebAccess. Advantech WebAccess is prone to the following security vulnerabilities:\n1. A directory-traversal vulnerability\n3. An arbitrary-file-deletion vulnerability\n4. This may aid in further attacks. \nAdvantech WebAccess 8.3.1 and prior versions are vulnerable. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-14816"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011085"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1298"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1309"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1304"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1303"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1311"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1313"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1302"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1307"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1314"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1310"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1308"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1312"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-21935"
      },
      {
        "db": "BID",
        "id": "105728"
      },
      {
        "db": "IVD",
        "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-125013"
      }
    ],
    "trust": 10.26
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-14816",
        "trust": 12.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-296-01",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "105728",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1041939",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1188",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-21935",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011085",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-6299",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1311",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-6300",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1312",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-6296",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1308",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-6298",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1310",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-6302",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1314",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-6295",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1307",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-6289",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1302",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-6285",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1298",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-6301",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1313",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-6290",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1303",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-6292",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1304",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-6297",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1309",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "E2FEEFE1-39AB-11E9-8E28-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-125013",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1311"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1312"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1308"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1310"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1314"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1307"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1302"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1298"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1313"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1303"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1304"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1309"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-21935"
      },
      {
        "db": "VULHUB",
        "id": "VHN-125013"
      },
      {
        "db": "BID",
        "id": "105728"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1188"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011085"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-14816"
      }
    ]
  },
  "id": "VAR-201810-0396",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-21935"
      },
      {
        "db": "VULHUB",
        "id": "VHN-125013"
      }
    ],
    "trust": 1.4399341300000001
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-21935"
      }
    ]
  },
  "last_update_date": "2025-12-22T23:54:32.435000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 8.4,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-296-01"
      },
      {
        "title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
        "trust": 0.8,
        "url": "https://www.advantech.co.jp/"
      },
      {
        "title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability (CNVD-2018-21935)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/143393"
      },
      {
        "title": "Advantech WebAccess Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86280"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-1311"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1312"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1308"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1310"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1314"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1307"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1302"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1298"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1313"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1303"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1304"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1309"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-21935"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1188"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011085"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-787",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-121",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-119",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-125013"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011085"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-14816"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 10.7,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-296-01"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/105728"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id/1041939"
      },
      {
        "trust": 1.0,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-296-01%2c"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-14816"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-14816"
      },
      {
        "trust": 0.3,
        "url": "http://webaccess.advantech.com"
      },
      {
        "trust": 0.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-296-01,"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-1311"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1312"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1308"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1310"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1314"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1307"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1302"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1298"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1313"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1303"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1304"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1309"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-21935"
      },
      {
        "db": "VULHUB",
        "id": "VHN-125013"
      },
      {
        "db": "BID",
        "id": "105728"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1188"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011085"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-14816"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1311",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1312",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1308",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1310",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1314",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1307",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1302",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1298",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1313",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1303",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1304",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1309",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-21935",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-125013",
        "ident": null
      },
      {
        "db": "BID",
        "id": "105728",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1188",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011085",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2018-14816",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-10-28T00:00:00",
        "db": "IVD",
        "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1311",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1312",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1308",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1310",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1314",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1307",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1302",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1298",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1313",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1303",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1304",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1309",
        "ident": null
      },
      {
        "date": "2018-10-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-21935",
        "ident": null
      },
      {
        "date": "2018-10-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-125013",
        "ident": null
      },
      {
        "date": "2018-10-23T00:00:00",
        "db": "BID",
        "id": "105728",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201810-1188",
        "ident": null
      },
      {
        "date": "2019-01-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-011085",
        "ident": null
      },
      {
        "date": "2018-10-23T20:29:00.530000",
        "db": "NVD",
        "id": "CVE-2018-14816",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1311",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1312",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1308",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1310",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1314",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1307",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1302",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1298",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1313",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1303",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1304",
        "ident": null
      },
      {
        "date": "2018-10-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1309",
        "ident": null
      },
      {
        "date": "2018-10-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-21935",
        "ident": null
      },
      {
        "date": "2020-08-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-125013",
        "ident": null
      },
      {
        "date": "2018-10-23T00:00:00",
        "db": "BID",
        "id": "105728",
        "ident": null
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201810-1188",
        "ident": null
      },
      {
        "date": "2019-01-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-011085",
        "ident": null
      },
      {
        "date": "2024-11-21T03:49:51.383000",
        "db": "NVD",
        "id": "CVE-2018-14816",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1188"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess Client bwwebv Stack-based Buffer Overflow Remote Code Execution Vulnerability",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-1312"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1304"
      }
    ],
    "trust": 1.4
  },
  "type": {
    "_id": null,
    "data": "Buffer error",
    "sources": [
      {
        "db": "IVD",
        "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-1188"
      }
    ],
    "trust": 0.8
  }
}

VAR-201906-1029

Vulnerability from variot - Updated: 2025-12-22 23:52

In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2776 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following security vulnerabilities: 1. A directory-traversal vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. Multiple heap-based buffer-overflow vulnerabilities 4. An information disclosure vulnerability 5. Multiple remote-code execution vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences ('../') to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks. Advantech WebAccess/SCADA versions 8.3.5 and prior are vulnerable. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 9.1,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.3.5"
      },
      {
        "_id": null,
        "model": "webaccess/scada",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.5"
      },
      {
        "_id": null,
        "model": "webaccess/scada",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3.5"
      },
      {
        "_id": null,
        "model": "webaccess/scada",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3.4"
      },
      {
        "_id": null,
        "model": "webaccess/scada",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3.2"
      },
      {
        "_id": null,
        "model": "webaccess/scada",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "webaccess/scada",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": "webaccess/scada",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.0"
      },
      {
        "_id": null,
        "model": "webaccess/scada",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "webaccess/scada",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.4.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-599"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-613"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-610"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-616"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-606"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-595"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-612"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-605"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-614"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-596"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-617"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-600"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-597"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32473"
      },
      {
        "db": "BID",
        "id": "108923"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10993"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Natnael Samson (@NattiSamson)",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-19-599"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-613"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-610"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-616"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-606"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-595"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-612"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-605"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-614"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-596"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-617"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-600"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-597"
      }
    ],
    "trust": 9.1
  },
  "cve": "CVE-2019-10993",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2019-10993",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2019-32473",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-142595",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "ZDI",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-10993",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 9.1,
            "userInteraction": "NONE",
            "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-10993",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2019-10993",
            "trust": 9.1,
            "value": "CRITICAL"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-10993",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-32473",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201906-1077",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142595",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-599"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-613"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-610"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-616"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-606"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-595"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-612"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-605"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-614"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-596"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-617"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-600"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-597"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32473"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142595"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-1077"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10993"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2776 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following security vulnerabilities:\n1. A directory-traversal vulnerability\n2. Multiple stack-based buffer-overflow vulnerabilities\n3. Multiple heap-based buffer-overflow vulnerabilities\n4. An information disclosure vulnerability\n5. Multiple remote-code execution vulnerabilities\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences ('../') to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks. \nAdvantech WebAccess/SCADA Versions 8.3.5 and prior versions are vulnerable. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10993"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-605"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-597"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-600"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-617"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-596"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-599"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-614"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-612"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-595"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-606"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-616"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-610"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-613"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32473"
      },
      {
        "db": "BID",
        "id": "108923"
      },
      {
        "db": "IVD",
        "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142595"
      }
    ],
    "trust": 10.17
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-10993",
        "trust": 11.9
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-613",
        "trust": 2.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-616",
        "trust": 2.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-606",
        "trust": 2.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-612",
        "trust": 2.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-605",
        "trust": 2.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-614",
        "trust": 2.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-617",
        "trust": 2.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-597",
        "trust": 2.4
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-178-05",
        "trust": 2.0
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-611",
        "trust": 1.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-615",
        "trust": 1.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-602",
        "trust": 1.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-607",
        "trust": 1.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-598",
        "trust": 1.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-603",
        "trust": 1.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-618",
        "trust": 1.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-601",
        "trust": 1.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-623",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-1077",
        "trust": 0.9
      },
      {
        "db": "BID",
        "id": "108923",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32473",
        "trust": 0.8
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-599",
        "trust": 0.8
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-610",
        "trust": 0.8
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-595",
        "trust": 0.8
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-596",
        "trust": 0.8
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-600",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-8129",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-8146",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-8143",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-8150",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-8139",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-8118",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-8145",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-8138",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-8147",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-8126",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-8151",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-8130",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-8127",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.2350",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "D5DCD84F-1ACA-4DC3-AC16-D5C7C3DD4D07",
        "trust": 0.2
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-604",
        "trust": 0.1
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-593",
        "trust": 0.1
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-609",
        "trust": 0.1
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-608",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-142595",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-599"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-613"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-610"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-616"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-606"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-595"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-612"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-605"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-614"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-596"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-617"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-600"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-597"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32473"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142595"
      },
      {
        "db": "BID",
        "id": "108923"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-1077"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10993"
      }
    ]
  },
  "id": "VAR-201906-1029",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32473"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142595"
      }
    ],
    "trust": 1.4466745799999998
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32473"
      }
    ]
  },
  "last_update_date": "2025-12-22T23:52:37.978000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 9.1,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
      },
      {
        "title": "Patch for Advantech WebAccess/SCADA arbitrary code execution vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/181487"
      },
      {
        "title": "Advantech WebAccess/SCADA Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94180"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-19-599"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-613"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-610"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-616"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-606"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-595"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-612"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-605"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-614"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-596"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-617"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-600"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-597"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32473"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-1077"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-476",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142595"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10993"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 11.1,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
      },
      {
        "trust": 2.3,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-623/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-597/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-598/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-601/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-602/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-603/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-605/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-606/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-607/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-611/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-612/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-613/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-614/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-615/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-616/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-617/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-618/"
      },
      {
        "trust": 1.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10993"
      },
      {
        "trust": 0.9,
        "url": "http://webaccess.advantech.com"
      },
      {
        "trust": 0.6,
        "url": "https://www.securityfocus.com/bid/108923"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.2350/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-593/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-595/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-596/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-599/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-600/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-604/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-608/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-609/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-610/"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-19-599"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-613"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-610"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-616"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-606"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-595"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-612"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-605"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-614"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-596"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-617"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-600"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-597"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32473"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142595"
      },
      {
        "db": "BID",
        "id": "108923"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-1077"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10993"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-599",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-613",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-610",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-616",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-606",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-595",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-612",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-605",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-614",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-596",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-617",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-600",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-597",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32473",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-142595",
        "ident": null
      },
      {
        "db": "BID",
        "id": "108923",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-1077",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10993",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2019-09-21T00:00:00",
        "db": "IVD",
        "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-599",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-613",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-610",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-616",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-606",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-595",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-612",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-605",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-614",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-596",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-617",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-600",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-597",
        "ident": null
      },
      {
        "date": "2019-09-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-32473",
        "ident": null
      },
      {
        "date": "2019-06-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142595",
        "ident": null
      },
      {
        "date": "2019-06-27T00:00:00",
        "db": "BID",
        "id": "108923",
        "ident": null
      },
      {
        "date": "2019-06-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201906-1077",
        "ident": null
      },
      {
        "date": "2019-06-28T21:15:11.353000",
        "db": "NVD",
        "id": "CVE-2019-10993",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-599",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-613",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-610",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-616",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-606",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-595",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-612",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-605",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-614",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-596",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-617",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-600",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-597",
        "ident": null
      },
      {
        "date": "2019-09-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-32473",
        "ident": null
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142595",
        "ident": null
      },
      {
        "date": "2019-06-27T00:00:00",
        "db": "BID",
        "id": "108923",
        "ident": null
      },
      {
        "date": "2022-04-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201906-1077",
        "ident": null
      },
      {
        "date": "2024-11-21T04:20:18.740000",
        "db": "NVD",
        "id": "CVE-2019-10993",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-1077"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess/SCADA Arbitrary code execution vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32473"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-1077"
      }
    ],
    "trust": 0.6
  }
}

VAR-202005-0008

Vulnerability from variot - Updated: 2025-12-22 23:52

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist, caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x00005226 in DATACORE.exe. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required. The vulnerability arises because the program does not correctly verify the length of the data submitted by the user.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess/scada",
        "scope": null,
        "trust": 8.4,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.4.4"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "9.0.0"
      },
      {
        "_id": null,
        "model": "webaccess node",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.4.4"
      },
      {
        "_id": null,
        "model": "webaccess node",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "9.0.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "webaccess",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "webaccess",
        "version": "9.0.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
      },
      {
        "db": "IVD",
        "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-593"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-597"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-599"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-631"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-603"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-604"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-594"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-635"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-617"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-618"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-616"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-596"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-29739"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10638"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Z0mb1E",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-20-593"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-597"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-599"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-631"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-603"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-604"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-594"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-635"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-617"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-618"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-616"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-596"
      }
    ],
    "trust": 8.4
  },
  "cve": "CVE-2020-10638",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2020-10638",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.1,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2020-29739",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-163136",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "ZDI",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2020-10638",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 7.7,
            "userInteraction": "NONE",
            "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2020-10638",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "ZDI",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.2,
            "id": "CVE-2020-10638",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 0.7,
            "userInteraction": "NONE",
            "vectorString": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2020-10638",
            "trust": 7.7,
            "value": "CRITICAL"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2020-10638",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "ZDI",
            "id": "CVE-2020-10638",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2020-29739",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202005-295",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-163136",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2020-10638",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
      },
      {
        "db": "IVD",
        "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-593"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-597"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-599"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-631"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-603"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-604"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-594"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-635"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-617"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-618"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-616"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-596"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-29739"
      },
      {
        "db": "VULHUB",
        "id": "VHN-163136"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-10638"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202005-295"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10638"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist, caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x00005226 in DATACORE.exe. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required. The vulnerability is due to the fact that the program does not correctly verify the length of the data submitted by the user",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-10638"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-604"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-596"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-616"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-618"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-617"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-594"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-635"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-603"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-631"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-599"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-597"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-593"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-29739"
      },
      {
        "db": "IVD",
        "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
      },
      {
        "db": "IVD",
        "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
      },
      {
        "db": "VULHUB",
        "id": "VHN-163136"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-10638"
      }
    ],
    "trust": 9.54
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-10638",
        "trust": 11.2
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-593",
        "trust": 2.5
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-599",
        "trust": 2.5
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-603",
        "trust": 2.5
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-616",
        "trust": 2.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-20-128-01",
        "trust": 2.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-600",
        "trust": 1.8
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-621",
        "trust": 1.8
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-635",
        "trust": 1.4
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-29739",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202005-295",
        "trust": 1.1
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-597",
        "trust": 0.8
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-631",
        "trust": 0.8
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-604",
        "trust": 0.8
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-594",
        "trust": 0.8
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-617",
        "trust": 0.8
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-618",
        "trust": 0.8
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-596",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-9902",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-9985",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-9994",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-9892",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-9897",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-9898",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-9904",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-10026",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-9890",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-9891",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-9889",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-9908",
        "trust": 0.7
      },
      {
        "db": "NSFOCUS",
        "id": "47382",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.1646",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "95F15ED9-ABD1-4FA7-B3B8-CCE038C93754",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "619B16C7-A995-4CDF-B7BE-D91E2BDC75EC",
        "trust": 0.2
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-601",
        "trust": 0.1
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-620",
        "trust": 0.1
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-602",
        "trust": 0.1
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-623",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-163136",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-10638",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
      },
      {
        "db": "IVD",
        "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-593"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-597"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-599"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-631"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-603"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-604"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-594"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-635"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-617"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-618"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-616"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-596"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-29739"
      },
      {
        "db": "VULHUB",
        "id": "VHN-163136"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-10638"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202005-295"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10638"
      }
    ]
  },
  "id": "VAR-202005-0008",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
      },
      {
        "db": "IVD",
        "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-29739"
      },
      {
        "db": "VULHUB",
        "id": "VHN-163136"
      }
    ],
    "trust": 1.679503486666667
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
      },
      {
        "db": "IVD",
        "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-29739"
      }
    ]
  },
  "last_update_date": "2025-12-22T23:52:36.251000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 8.4,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-20-128-36"
      },
      {
        "title": "Patch for Advantech WebAccess Node buffer overflow vulnerability (CNVD-2020-29739)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/218845"
      },
      {
        "title": "Advantech WebAccess Node Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=118647"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-20-593"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-597"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-599"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-631"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-603"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-604"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-594"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-635"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-617"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-618"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-616"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-596"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-29739"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202005-295"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-787",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-122",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-163136"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10638"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 8.4,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-20-128-36"
      },
      {
        "trust": 3.0,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-20-128-01"
      },
      {
        "trust": 1.8,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-593/"
      },
      {
        "trust": 1.8,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-599/"
      },
      {
        "trust": 1.8,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-600/"
      },
      {
        "trust": 1.8,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-603/"
      },
      {
        "trust": 1.8,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-616/"
      },
      {
        "trust": 1.8,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-621/"
      },
      {
        "trust": 0.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-635/"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10638"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/47382"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.1646/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-594/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-596/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-597/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-601/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-602/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-604/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-617/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-618/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-620/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-623/"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-631/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/787.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/181596"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-20-593"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-597"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-599"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-631"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-603"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-604"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-594"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-635"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-617"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-618"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-616"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-596"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-29739"
      },
      {
        "db": "VULHUB",
        "id": "VHN-163136"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-10638"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202005-295"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10638"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754",
        "ident": null
      },
      {
        "db": "IVD",
        "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-593",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-597",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-599",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-631",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-603",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-604",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-594",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-635",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-617",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-618",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-616",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-596",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-29739",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-163136",
        "ident": null
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-10638",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202005-295",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10638",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2020-05-07T00:00:00",
        "db": "IVD",
        "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754",
        "ident": null
      },
      {
        "date": "2020-05-07T00:00:00",
        "db": "IVD",
        "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-593",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-597",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-599",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-631",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-603",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-604",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-594",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-635",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-617",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-618",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-616",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-596",
        "ident": null
      },
      {
        "date": "2020-05-25T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-29739",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-163136",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-10638",
        "ident": null
      },
      {
        "date": "2020-05-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202005-295",
        "ident": null
      },
      {
        "date": "2020-05-08T12:15:11.067000",
        "db": "NVD",
        "id": "CVE-2020-10638",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-593",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-597",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-599",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-631",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-603",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-604",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-594",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-635",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-617",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-618",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-616",
        "ident": null
      },
      {
        "date": "2020-05-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-596",
        "ident": null
      },
      {
        "date": "2020-05-25T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-29739",
        "ident": null
      },
      {
        "date": "2021-12-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-163136",
        "ident": null
      },
      {
        "date": "2020-05-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-10638",
        "ident": null
      },
      {
        "date": "2021-01-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202005-295",
        "ident": null
      },
      {
        "date": "2024-11-21T04:55:45.027000",
        "db": "NVD",
        "id": "CVE-2020-10638",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202005-295"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess/SCADA ViewSrv IOCTL 0x00002723 Heap-based Buffer Overflow Remote Code Execution Vulnerability",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-20-593"
      }
    ],
    "trust": 0.7
  },
  "type": {
    "_id": null,
    "data": "Buffer error",
    "sources": [
      {
        "db": "IVD",
        "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
      },
      {
        "db": "IVD",
        "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202005-295"
      }
    ],
    "trust": 1.0
  }
}

VAR-201601-0038

Vulnerability from variot - Updated: 2025-12-22 23:49

Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x272F IOCTL in the ViewSrv subsystem. A stack-based buffer overflow vulnerability exists in a call to strcpy. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems. The record below lists a vendor update that corrects the issue, referenced by ICS-CERT advisory ICSA-16-014-01.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 10.5,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "64dba96e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-090"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-062"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-094"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-051"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-112"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-056"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-086"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-088"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-098"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-116"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-118"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-108"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-096"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-106"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-076"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00434"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-329"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-0856"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Anonymous",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-16-090"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-062"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-094"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-051"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-112"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-056"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-086"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-088"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-098"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-116"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-118"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-108"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-096"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-106"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-076"
      }
    ],
    "trust": 10.5
  },
  "cve": "CVE-2016-0856",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": null,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2016-0856",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 10.5,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2016-0856",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2016-00434",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "64dba96e-2351-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2016-0856",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2016-0856",
            "trust": 10.5,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2016-0856",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2016-00434",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201601-329",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "64dba96e-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "64dba96e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-090"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-062"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-094"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-051"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-112"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-056"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-086"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-088"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-098"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-116"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-118"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-108"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-096"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-106"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-076"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00434"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-329"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-0856"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x272F IOCTL in the ViewSrv subsystem. A stack-based buffer overflow vulnerability exists in a call to strcpy. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-0856"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-090"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-076"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-106"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-096"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-108"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-118"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-116"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-098"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-088"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-086"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-056"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-112"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-051"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-094"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-062"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00434"
      },
      {
        "db": "IVD",
        "id": "64dba96e-2351-11e6-abef-000c29c66e3d"
      }
    ],
    "trust": 11.07
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-0856",
        "trust": 12.9
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-112",
        "trust": 1.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-116",
        "trust": 1.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-118",
        "trust": 1.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-108",
        "trust": 1.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-106",
        "trust": 1.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-113",
        "trust": 1.0
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-101",
        "trust": 1.0
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-100",
        "trust": 1.0
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-111",
        "trust": 1.0
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-114",
        "trust": 1.0
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-117",
        "trust": 1.0
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-103",
        "trust": 1.0
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-115",
        "trust": 1.0
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-120",
        "trust": 1.0
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-110",
        "trust": 1.0
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-102",
        "trust": 1.0
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-109",
        "trust": 1.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-16-014-01",
        "trust": 1.0
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00434",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-329",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-3211",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-090",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-3239",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-062",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-3207",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-094",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-3175",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-051",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-3189",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-3245",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-056",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-3215",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-086",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-3213",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-088",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-3203",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-098",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-3184",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-3182",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-3193",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-3205",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-096",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-3195",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-3225",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-076",
        "trust": 0.7
      },
      {
        "db": "CXSECURITY",
        "id": "WLB-2018030263",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "64DBA96E-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "64dba96e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-090"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-062"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-094"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-051"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-112"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-056"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-086"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-088"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-098"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-116"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-118"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-108"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-096"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-106"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-076"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00434"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-329"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-0856"
      }
    ]
  },
  "id": "VAR-201601-0038",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "64dba96e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00434"
      }
    ],
    "trust": 1.23470696
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "64dba96e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00434"
      }
    ]
  },
  "last_update_date": "2025-12-22T23:49:01.892000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 10.5,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01"
      },
      {
        "title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability (CNVD-2016-00434)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/70378"
      },
      {
        "title": "Advantech WebAccess Fixes for stack-based buffer overflow vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59647"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-16-090"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-062"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-094"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-051"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-112"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-056"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-086"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-088"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-098"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-116"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-118"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-108"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-096"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-106"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-076"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00434"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-329"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-0856"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 11.5,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-014-01"
      },
      {
        "trust": 1.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-16-114"
      },
      {
        "trust": 1.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-16-118"
      },
      {
        "trust": 1.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-16-112"
      },
      {
        "trust": 1.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-16-108"
      },
      {
        "trust": 1.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-16-101"
      },
      {
        "trust": 1.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-16-116"
      },
      {
        "trust": 1.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-16-113"
      },
      {
        "trust": 1.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-16-106"
      },
      {
        "trust": 1.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-16-120"
      },
      {
        "trust": 1.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-16-100"
      },
      {
        "trust": 1.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-16-110"
      },
      {
        "trust": 1.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-16-109"
      },
      {
        "trust": 1.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-16-111"
      },
      {
        "trust": 1.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-16-103"
      },
      {
        "trust": 1.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-16-115"
      },
      {
        "trust": 1.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-16-117"
      },
      {
        "trust": 1.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-16-102"
      },
      {
        "trust": 0.6,
        "url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0856"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/issue/wlb-2018030263"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-16-090"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-062"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-094"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-051"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-112"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-056"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-086"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-088"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-098"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-116"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-118"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-108"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-096"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-106"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-076"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00434"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-329"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-0856"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "64dba96e-2351-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-090",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-062",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-094",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-051",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-112",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-056",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-086",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-088",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-098",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-116",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-118",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-108",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-096",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-106",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-076",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00434",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-329",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2016-0856",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2016-01-25T00:00:00",
        "db": "IVD",
        "id": "64dba96e-2351-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-090",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-062",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-094",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-051",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-112",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-056",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-086",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-088",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-098",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-116",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-118",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-108",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-096",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-106",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-076",
        "ident": null
      },
      {
        "date": "2016-01-25T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-00434",
        "ident": null
      },
      {
        "date": "2016-01-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201601-329",
        "ident": null
      },
      {
        "date": "2016-01-15T03:59:18.250000",
        "db": "NVD",
        "id": "CVE-2016-0856",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-090",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-062",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-094",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-051",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-112",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-056",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-086",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-088",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-098",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-116",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-118",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-108",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-096",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-106",
        "ident": null
      },
      {
        "date": "2016-02-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-076",
        "ident": null
      },
      {
        "date": "2016-01-25T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-00434",
        "ident": null
      },
      {
        "date": "2021-08-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201601-329",
        "ident": null
      },
      {
        "date": "2025-04-12T10:46:40.837000",
        "db": "NVD",
        "id": "CVE-2016-0856",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-329"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess webvrpcs Service BwKrlApi.dll strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-16-090"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-086"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-088"
      }
    ],
    "trust": 2.1
  },
  "type": {
    "_id": null,
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-329"
      }
    ],
    "trust": 0.6
  }
}

VAR-201801-0151

Vulnerability from variot - Updated: 2025-12-22 23:48

A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple instances of a vulnerability that allows too much data to be written to a location on the stack. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the command line in the bwmail utility. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple denial-of-service vulnerabilities 2. Multiple stack-based buffer-overflow vulnerabilities 3. A directory-traversal vulnerability 4. An SQL-injection vulnerability 5. Failed attacks will cause denial of service conditions. Versions prior to Advantech WebAccess 8.3 are vulnerable.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 9.1,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lt",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.0"
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170330",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.2"
      },
      {
        "_id": null,
        "model": "webaccess 8.1 20160519",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess 8.0 20150816",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-044"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-050"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-053"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-061"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-025"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-047"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-042"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-058"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-052"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-045"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-062"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-051"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-046"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00671"
      },
      {
        "db": "BID",
        "id": "102424"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-242"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-16724"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Steven Seeley (mr_me) of Offensive Security",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-044"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-050"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-053"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-061"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-025"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-047"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-042"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-058"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-052"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-045"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-062"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-051"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-046"
      }
    ],
    "trust": 9.1
  },
  "cve": "CVE-2017-16724",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": null,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2017-16724",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 8.4,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2017-16724",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2017-16724",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "MEDIUM",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2018-00671",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-107675",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-16724",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2017-16724",
            "trust": 8.4,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-16724",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "ZDI",
            "id": "CVE-2017-16724",
            "trust": 0.7,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-00671",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201801-242",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-107675",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-044"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-050"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-053"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-061"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-025"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-047"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-042"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-058"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-052"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-045"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-062"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-051"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-046"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00671"
      },
      {
        "db": "VULHUB",
        "id": "VHN-107675"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-242"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-16724"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple instances of a vulnerability that allows too much data to be written to a location on the stack. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability.The specific flaw exists within the parsing of the command line in the bwmail utility. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple denial-of-service vulnerabilities\n2. Multiple stack-based buffer-overflow vulnerabilities\n3. A directory-traversal vulnerability\n4.  An SQL-injection vulnerability\n5. Failed attacks will cause denial of service conditions. \nversions prior to Advantech WebAccess 8.3 are vulnerable",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-16724"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-058"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-046"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-051"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-062"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-045"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-044"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-052"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-042"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-047"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-025"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-061"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-053"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-050"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00671"
      },
      {
        "db": "BID",
        "id": "102424"
      },
      {
        "db": "IVD",
        "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-107675"
      }
    ],
    "trust": 10.17
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-16724",
        "trust": 11.9
      },
      {
        "db": "BID",
        "id": "102424",
        "trust": 2.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-004-02",
        "trust": 2.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-242",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00671",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5045",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-044",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5052",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-050",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5054",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-053",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5064",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-061",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-4993",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-025",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5048",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-047",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5043",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-042",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5061",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-058",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5053",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-052",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5046",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-045",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5065",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-062",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5051",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-051",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5047",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-046",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "E2E0E08F-39AB-11E9-B1D1-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-107675",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-044"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-050"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-053"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-061"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-025"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-047"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-042"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-058"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-052"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-045"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-062"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-051"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-046"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00671"
      },
      {
        "db": "VULHUB",
        "id": "VHN-107675"
      },
      {
        "db": "BID",
        "id": "102424"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-242"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-16724"
      }
    ]
  },
  "id": "VAR-201801-0151",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00671"
      },
      {
        "db": "VULHUB",
        "id": "VHN-107675"
      }
    ],
    "trust": 1.4972832733333332
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00671"
      }
    ]
  },
  "last_update_date": "2025-12-22T23:48:57.831000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 9.1,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-004-02"
      },
      {
        "title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability (CNVD-2018-00671)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/113123"
      },
      {
        "title": "Advantech WebAccess Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=77553"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-044"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-050"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-053"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-061"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-025"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-047"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-042"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-058"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-052"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-045"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-062"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-051"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-046"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00671"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-242"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-121",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-107675"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-16724"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 11.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-004-02"
      },
      {
        "trust": 2.3,
        "url": "http://www.securityfocus.com/bid/102424"
      },
      {
        "trust": 0.3,
        "url": "http://webaccess.advantech.com"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-044"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-050"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-053"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-061"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-025"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-047"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-042"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-058"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-052"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-045"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-062"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-051"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-046"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00671"
      },
      {
        "db": "VULHUB",
        "id": "VHN-107675"
      },
      {
        "db": "BID",
        "id": "102424"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-242"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-16724"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-044",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-050",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-053",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-061",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-025",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-047",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-042",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-058",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-052",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-045",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-062",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-051",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-046",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00671",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-107675",
        "ident": null
      },
      {
        "db": "BID",
        "id": "102424",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-242",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2017-16724",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-01-10T00:00:00",
        "db": "IVD",
        "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-044",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-050",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-053",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-061",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-025",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-047",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-042",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-058",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-052",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-045",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-062",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-051",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-046",
        "ident": null
      },
      {
        "date": "2018-01-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-00671",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-107675",
        "ident": null
      },
      {
        "date": "2018-01-04T00:00:00",
        "db": "BID",
        "id": "102424",
        "ident": null
      },
      {
        "date": "2018-01-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201801-242",
        "ident": null
      },
      {
        "date": "2018-01-05T08:29:00.347000",
        "db": "NVD",
        "id": "CVE-2017-16724",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-044",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-050",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-053",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-061",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-025",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-047",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-042",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-058",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-052",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-045",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-062",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-051",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-046",
        "ident": null
      },
      {
        "date": "2018-01-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-00671",
        "ident": null
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-107675",
        "ident": null
      },
      {
        "date": "2018-01-04T00:00:00",
        "db": "BID",
        "id": "102424",
        "ident": null
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201801-242",
        "ident": null
      },
      {
        "date": "2024-11-21T03:16:51.453000",
        "db": "NVD",
        "id": "CVE-2017-16724",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-242"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess bwwfaa Stack-based Buffer Overflow Remote Code Execution Vulnerability",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-044"
      }
    ],
    "trust": 0.7
  },
  "type": {
    "_id": null,
    "data": "Buffer error",
    "sources": [
      {
        "db": "IVD",
        "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-242"
      }
    ],
    "trust": 0.8
  }
}

VAR-201801-0152

Vulnerability from variot - Updated: 2025-12-22 23:48

An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple vulnerabilities that may allow an attacker to cause the program to use an invalid memory address, resulting in a program crash. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x27e4 IOCTL in the webvrpcs process. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A denial of service vulnerability exists in versions prior to Advantech WebAccess 8.3. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple denial-of-service vulnerabilities 2. Multiple stack-based buffer-overflow vulnerabilities 3. A directory-traversal vulnerability 4. An SQL-injection vulnerability 5. Multiple denial-of-service vulnerabilities An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, perform certain unauthorized actions, gain unauthorized access and obtain sensitive information. This summary draws on several of the sources listed in the record below, which differ on impact: the ZDI-authored CVSS vector rates partial confidentiality, integrity and availability impact, while the NVD-authored vectors rate availability impact only.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 9.1,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lt",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.0"
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170330",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.2"
      },
      {
        "_id": null,
        "model": "webaccess 8.1 20160519",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess 8.0 20150816",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-035"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-012"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-020"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-038"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-039"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-031"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-021"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-011"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-022"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-014"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-036"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-015"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-032"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00673"
      },
      {
        "db": "BID",
        "id": "102424"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-241"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-16728"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Steven Seeley (mr_me) of Offensive Security",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-035"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-012"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-020"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-038"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-039"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-031"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-021"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-011"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-022"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-014"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-036"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-015"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-032"
      }
    ],
    "trust": 9.1
  },
  "cve": "CVE-2017-16728",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": null,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2017-16728",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "MEDIUM",
            "trust": 9.1,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2017-16728",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-00673",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-107679",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-16728",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2017-16728",
            "trust": 9.1,
            "value": "MEDIUM"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-16728",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-00673",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201801-241",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-107679",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-035"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-012"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-020"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-038"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-039"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-031"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-021"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-011"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-022"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-014"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-036"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-015"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-032"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00673"
      },
      {
        "db": "VULHUB",
        "id": "VHN-107679"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-241"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-16728"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple vulnerabilities that may allow an attacker to cause the program to use an invalid memory address, resulting in a program crash. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x27e4 IOCTL in the webvrpcs process. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A denial of service vulnerability exists in versions prior to Advantech WebAccess 8.3. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple denial-of-service vulnerabilities\n2. Multiple stack-based buffer-overflow vulnerabilities\n3. A directory-traversal vulnerability\n4. An SQL-injection vulnerability\n5. Multiple denial-of-service vulnerabilities\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, perform certain unauthorized actions, gain unauthorized access and obtain sensitive information",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-16728"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-011"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-032"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-015"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-036"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-014"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-035"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-022"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-021"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-031"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-039"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-038"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-020"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-012"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00673"
      },
      {
        "db": "BID",
        "id": "102424"
      },
      {
        "db": "IVD",
        "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-107679"
      }
    ],
    "trust": 10.17
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-16728",
        "trust": 11.9
      },
      {
        "db": "BID",
        "id": "102424",
        "trust": 2.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-004-02",
        "trust": 2.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-241",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00673",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5003",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-035",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-4959",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-012",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-4973",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-020",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5006",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-038",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5007",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-039",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-4999",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-031",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-4974",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-021",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-4958",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-011",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-4975",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-022",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-4961",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-014",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5004",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-036",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-4962",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-015",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5000",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-032",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "E2E1079E-39AB-11E9-9B2B-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-107679",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-035"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-012"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-020"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-038"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-039"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-031"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-021"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-011"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-022"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-014"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-036"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-015"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-032"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00673"
      },
      {
        "db": "VULHUB",
        "id": "VHN-107679"
      },
      {
        "db": "BID",
        "id": "102424"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-241"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-16728"
      }
    ]
  },
  "id": "VAR-201801-0152",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00673"
      },
      {
        "db": "VULHUB",
        "id": "VHN-107679"
      }
    ],
    "trust": 1.4972832733333332
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00673"
      }
    ]
  },
  "last_update_date": "2025-12-22T23:48:57.732000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 9.1,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-004-02"
      },
      {
        "title": "Patch for Advantech WebAccess Denial of Service Vulnerability (CNVD-2018-00673)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/113125"
      },
      {
        "title": "Advantech WebAccess Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=77552"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-035"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-012"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-020"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-038"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-039"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-031"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-021"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-011"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-022"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-014"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-036"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-015"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-032"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00673"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-241"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-476",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-822",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-107679"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-16728"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 11.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-004-02"
      },
      {
        "trust": 2.3,
        "url": "http://www.securityfocus.com/bid/102424"
      },
      {
        "trust": 0.3,
        "url": "http://webaccess.advantech.com"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-035"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-012"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-020"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-038"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-039"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-031"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-021"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-011"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-022"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-014"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-036"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-015"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-032"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00673"
      },
      {
        "db": "VULHUB",
        "id": "VHN-107679"
      },
      {
        "db": "BID",
        "id": "102424"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-241"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-16728"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-035",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-012",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-020",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-038",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-039",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-031",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-021",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-011",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-022",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-014",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-036",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-015",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-032",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00673",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-107679",
        "ident": null
      },
      {
        "db": "BID",
        "id": "102424",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-241",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2017-16728",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-01-10T00:00:00",
        "db": "IVD",
        "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-035",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-012",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-020",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-038",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-039",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-031",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-021",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-011",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-022",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-014",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-036",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-015",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-032",
        "ident": null
      },
      {
        "date": "2018-01-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-00673",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-107679",
        "ident": null
      },
      {
        "date": "2018-01-04T00:00:00",
        "db": "BID",
        "id": "102424",
        "ident": null
      },
      {
        "date": "2018-01-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201801-241",
        "ident": null
      },
      {
        "date": "2018-01-05T08:29:00.393000",
        "db": "NVD",
        "id": "CVE-2017-16728",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-035",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-012",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-020",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-038",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-039",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-031",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-021",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-011",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-022",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-014",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-036",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-015",
        "ident": null
      },
      {
        "date": "2018-01-05T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-032",
        "ident": null
      },
      {
        "date": "2018-01-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-00673",
        "ident": null
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-107679",
        "ident": null
      },
      {
        "date": "2018-01-04T00:00:00",
        "db": "BID",
        "id": "102424",
        "ident": null
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201801-241",
        "ident": null
      },
      {
        "date": "2024-11-21T03:16:52.023000",
        "db": "NVD",
        "id": "CVE-2017-16728",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-241"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess webvrpcs drawsrv Untrusted Pointer Dereference Remote Code Execution Vulnerability",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-012"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-015"
      }
    ],
    "trust": 1.4
  },
  "type": {
    "_id": null,
    "data": "Code problem",
    "sources": [
      {
        "db": "IVD",
        "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-241"
      }
    ],
    "trust": 0.8
  }
}

VAR-201805-1143

Vulnerability from variot - Updated: 2025-12-22 23:48

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several stack-based buffer overflow vulnerabilities have been identified, which may allow an attacker to execute arbitrary code. Multiple Advantech WebAccess products contain a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within notify2.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A stack buffer overflow vulnerability exists in several Advantech products. Advantech has issued an update to correct this vulnerability; see ICS-CERT advisory ICSA-18-135-01.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess node",
        "scope": null,
        "trust": 9.1,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess\\/nms",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess scada",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess \u003c=8.2 20170817",
        "scope": null,
        "trust": 0.6,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess\\/nms",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "webaccess",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess dashboard",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess scada",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess nms",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-516"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-519"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-523"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-525"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-509"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-511"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-507"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-513"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-501"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-506"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-503"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-521"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-524"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-446"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005072"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7499"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_scada",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005072"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Mat Powell - Trend Micro Zero Day Initiative",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-516"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-519"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-523"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-525"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-509"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-511"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-507"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-501"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-506"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-503"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-521"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-524"
      }
    ],
    "trust": 8.4
  },
  "cve": "CVE-2018-7499",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": null,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2018-7499",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 9.1,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-7499",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-10713",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-7499",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2018-7499",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2018-7499",
            "trust": 9.1,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-7499",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-7499",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-10713",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201805-446",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
            "trust": 0.2,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-516"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-519"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-523"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-525"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-509"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-511"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-507"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-513"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-501"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-506"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-503"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-521"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-524"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-446"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005072"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7499"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several stack-based buffer overflow vulnerabilities have been identified, which may allow an attacker to execute arbitrary code. Multiple Advantech WebAccess products contain a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within notify2.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A stack buffer overflow vulnerability exists in several Advantech products.",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-7499"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005072"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-516"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-524"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-521"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-503"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-506"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-501"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-513"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-507"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-511"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-509"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-525"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-523"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-519"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713"
      },
      {
        "db": "IVD",
        "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
      }
    ],
    "trust": 10.53
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-7499",
        "trust": 12.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-135-01",
        "trust": 3.0
      },
      {
        "db": "BID",
        "id": "104190",
        "trust": 1.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-446",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005072",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5691",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-516",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5694",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-519",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5698",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-523",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5700",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-525",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5684",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-509",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5686",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-511",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5682",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-507",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5688",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-513",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5676",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-501",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5681",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-506",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5678",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-503",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5696",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-521",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5699",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-524",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "E2F10D30-39AB-11E9-AE57-000C29342CB1",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-516"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-519"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-523"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-525"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-509"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-511"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-507"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-513"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-501"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-506"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-503"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-521"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-524"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-446"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005072"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7499"
      }
    ]
  },
  "id": "VAR-201805-1143",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713"
      }
    ],
    "trust": 1.4316815933333333
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713"
      }
    ]
  },
  "last_update_date": "2025-12-22T23:48:56.039000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 9.1,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
      },
      {
        "title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
        "trust": 0.8,
        "url": "http://www.advantech.co.jp/"
      },
      {
        "title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability (CNVD-2018-10713)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/130743"
      },
      {
        "title": "Multiple Advantech Product Buffer Error Vulnerability Fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80056"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-516"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-519"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-523"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-525"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-509"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-511"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-507"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-513"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-501"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-506"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-503"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-521"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-524"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-446"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005072"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-121",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-787",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-119",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005072"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7499"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 12.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/104190"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7499"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7499"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-516"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-519"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-523"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-525"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-509"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-511"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-507"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-513"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-501"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-506"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-503"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-521"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-524"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-446"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005072"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7499"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-516",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-519",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-523",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-525",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-509",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-511",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-507",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-513",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-501",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-506",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-503",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-521",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-524",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-446",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005072",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7499",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-31T00:00:00",
        "db": "IVD",
        "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-516",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-519",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-523",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-525",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-509",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-511",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-507",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-513",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-501",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-506",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-503",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-521",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-524",
        "ident": null
      },
      {
        "date": "2018-05-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-10713",
        "ident": null
      },
      {
        "date": "2018-05-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-446",
        "ident": null
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005072",
        "ident": null
      },
      {
        "date": "2018-05-15T22:29:00.503000",
        "db": "NVD",
        "id": "CVE-2018-7499",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-516",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-519",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-523",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-525",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-509",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-511",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-507",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-513",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-501",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-506",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-503",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-521",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-524",
        "ident": null
      },
      {
        "date": "2018-05-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-10713",
        "ident": null
      },
      {
        "date": "2020-10-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-446",
        "ident": null
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005072",
        "ident": null
      },
      {
        "date": "2024-11-21T04:12:15.050000",
        "db": "NVD",
        "id": "CVE-2018-7499",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-446"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Buffer error vulnerability in multiple Advantech WebAccess products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005072"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "Buffer error",
    "sources": [
      {
        "db": "IVD",
        "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-446"
      }
    ],
    "trust": 0.8
  }
}

VAR-201805-1144

Vulnerability from variot - Updated: 2025-12-22 23:48

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several SQL injection vulnerabilities have been identified, which may allow an attacker to disclose sensitive information from the host. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the PointList function in BWMobileService.dll. When parsing the ProjectName parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose sensitive information under the context of the database. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a web browser-based Network Management System (NMS) suite. SQL injection vulnerabilities exist in several Advantech products. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, modify data, exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application, gain unauthorized access, and obtain sensitive information. Failed attacks will cause denial-of-service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on a browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier (the first sentence of this description gives this as versions prior to 8.3.1); WebAccess/NMS 2.0.3 and earlier


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess node",
        "scope": null,
        "trust": 9.1,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess\\/nms",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess scada",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess \u003c=8.2 20170817",
        "scope": null,
        "trust": 0.6,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess\\/nms",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "webaccess",
        "version": "*"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170817",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170330",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.2"
      },
      {
        "_id": null,
        "model": "webaccess 8.1 20160519",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": "webaccess 8.0 20150816",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess dashboard",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess scada",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess nms",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-481"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-489"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-485"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-488"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-486"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-479"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-474"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-478"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-553"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-476"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-480"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-487"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-473"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-445"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7501"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "rgod",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-481"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-489"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-485"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-488"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-486"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-479"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-474"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-478"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-553"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-476"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-480"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-487"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-473"
      }
    ],
    "trust": 9.1
  },
  "cve": "CVE-2018-7501",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "ZDI",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2018-7501",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "MEDIUM",
            "trust": 7.0,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-7501",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 3.1,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2018-10317",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.5,
            "id": "e2f022cf-39ab-11e9-a809-000c29342cb1",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:A/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-137533",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-7501",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2018-7501",
            "trust": 9.1,
            "value": "MEDIUM"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-7501",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-10317",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201805-445",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e2f022cf-39ab-11e9-a809-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-137533",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-481"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-489"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-485"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-488"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-486"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-479"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-474"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-478"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-553"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-476"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-480"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-487"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-473"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137533"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-445"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7501"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several SQL injection vulnerabilities have been identified, which may allow an attacker to disclose sensitive information from the host. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the PointList function in BWMobileService.dll. When parsing the ProjectName parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose sensitive information under the context of the database. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a web browser-based Network Management System (NMS) suite. SQL injection vulnerabilities exist in several Advantech products. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, modify data, exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application, gain unauthorized access, and obtain sensitive information. Failed attacks will cause denial-of-service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on a browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-7501"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-478"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-473"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-487"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-480"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-476"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-481"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-553"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-474"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-479"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-486"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-488"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-485"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-489"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "IVD",
        "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137533"
      }
    ],
    "trust": 10.17
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-7501",
        "trust": 11.9
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-135-01",
        "trust": 2.6
      },
      {
        "db": "BID",
        "id": "104190",
        "trust": 2.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-445",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5611",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-481",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5653",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-489",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5649",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-485",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5652",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-488",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5650",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-486",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5609",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-479",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5597",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-474",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5608",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-478",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5590",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-553",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5606",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-476",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5610",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-480",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5651",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-487",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5596",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-473",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "E2F022CF-39AB-11E9-A809-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-137533",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-481"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-489"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-485"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-488"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-486"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-479"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-474"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-478"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-553"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-476"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-480"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-487"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-473"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137533"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-445"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7501"
      }
    ]
  },
  "id": "VAR-201805-1144",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137533"
      }
    ],
    "trust": 1.5434040525000001
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317"
      }
    ]
  },
  "last_update_date": "2025-12-22T23:48:55.924000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 9.1,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
      },
      {
        "title": "Patch for Advantech WebAccess SQL Injection Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/130233"
      },
      {
        "title": "Repair measures for SQL injection vulnerabilities in multiple Advantech products",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80055"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-481"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-489"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-485"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-488"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-486"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-479"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-474"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-478"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-553"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-476"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-480"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-487"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-473"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-445"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-89",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-137533"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7501"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 11.7,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/104190"
      },
      {
        "trust": 0.3,
        "url": "http://webaccess.advantech.com"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-481"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-489"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-485"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-488"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-486"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-479"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-474"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-478"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-553"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-476"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-480"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-487"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-473"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137533"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-445"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7501"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "e2f022cf-39ab-11e9-a809-000c29342cb1",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-481",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-489",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-485",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-488",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-486",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-479",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-474",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-478",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-553",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-476",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-480",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-487",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-473",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-137533",
        "ident": null
      },
      {
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-445",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7501",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-25T00:00:00",
        "db": "IVD",
        "id": "e2f022cf-39ab-11e9-a809-000c29342cb1",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-481",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-489",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-485",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-488",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-486",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-479",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-474",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-478",
        "ident": null
      },
      {
        "date": "2018-06-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-553",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-476",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-480",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-487",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-473",
        "ident": null
      },
      {
        "date": "2018-05-25T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-10317",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-137533",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "date": "2018-05-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-445",
        "ident": null
      },
      {
        "date": "2018-05-15T22:29:00.567000",
        "db": "NVD",
        "id": "CVE-2018-7501",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-481",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-489",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-485",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-488",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-486",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-479",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-474",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-478",
        "ident": null
      },
      {
        "date": "2018-06-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-553",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-476",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-480",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-487",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-473",
        "ident": null
      },
      {
        "date": "2018-05-25T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-10317",
        "ident": null
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-137533",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-445",
        "ident": null
      },
      {
        "date": "2024-11-21T04:12:15.263000",
        "db": "NVD",
        "id": "CVE-2018-7501",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-445"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess Node BWSCADASoap GetAlarms SQL Injection Information Disclosure Vulnerability",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-481"
      }
    ],
    "trust": 0.7
  },
  "type": {
    "_id": null,
    "data": "SQL injection",
    "sources": [
      {
        "db": "IVD",
        "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-445"
      }
    ],
    "trust": 0.8
  }
}

VAR-201407-0236

Vulnerability from variot - Updated: 2025-10-07 23:01

The ChkCookie subroutine in an ActiveX control in broadweb/include/gChkCook.asp in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call. This vulnerability allows remote attackers to bypass authentication requirements on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ChkCookieNoRedir function. By providing arbitrary values to certain fields, an attacker can receive a session authentication cookie despite receiving an error message. Advantech WebAccess HMI/SCADA is an HMI/SCADA software package. If user, proj, and scada are set and bwuser is true, multiple restricted pages become accessible. This may aid in further attacks. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment. Note that this text is merged from several source databases, which characterise the same flaw differently (arbitrary file read versus authentication bypass); this likely explains why the record below carries both a 4.3 and a 7.5 CVSS v2 base score, and the higher one is the safer basis for prioritisation. The listed remediation is the vendor update referenced in ICS-CERT advisory ICSA-14-198-02, i.e. running WebAccess 7.2 or later.


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201407-0236",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "7.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "5.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "6.0"
      },
      {
        "model": "webaccess",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "6.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7fc402-463f-11e9-b23e-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e4a5d23c-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-249"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04531"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-479"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003490"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2367"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003490"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "John Leitch",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-249"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2014-2367",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2014-2367",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ics-cert@hq.dhs.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-2367",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.7,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-04531",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "7d7fc402-463f-11e9-b23e-000c29342cb1",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "e4a5d23c-2351-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-70306",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "ics-cert@hq.dhs.gov",
            "id": "CVE-2014-2367",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-2367",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-2367",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "ZDI",
            "id": "CVE-2014-2367",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-04531",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201407-479",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "7d7fc402-463f-11e9-b23e-000c29342cb1",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "e4a5d23c-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-70306",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7fc402-463f-11e9-b23e-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e4a5d23c-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-249"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04531"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70306"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-479"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003490"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2367"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2367"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The ChkCookie subroutine in an ActiveX control in broadweb/include/gChkCook.asp in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call. This vulnerability allows remote attackers to bypass authentication requirements on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ChkCookieNoRedir function. By providing arbitrary values to certain fields, an attacker can receive a session authentication cookie despite receiving an error message. Advantech WebAccess HMI/SCADA is an HMI/SCADA software package. If user, proj, and scada are set and bwuser is true, multiple restricted pages become accessible. This may aid in further attacks. \nAdvantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment.",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-2367"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003490"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-249"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04531"
      },
      {
        "db": "BID",
        "id": "68716"
      },
      {
        "db": "IVD",
        "id": "7d7fc402-463f-11e9-b23e-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e4a5d23c-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70306"
      }
    ],
    "trust": 3.51
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-2367",
        "trust": 4.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-198-02",
        "trust": 3.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-479",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04531",
        "trust": 1.0
      },
      {
        "db": "BID",
        "id": "68716",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003490",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2079",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-249",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "7D7FC402-463F-11E9-B23E-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "E4A5D23C-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-70306",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7fc402-463f-11e9-b23e-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e4a5d23c-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-249"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04531"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70306"
      },
      {
        "db": "BID",
        "id": "68716"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-479"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003490"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2367"
      }
    ]
  },
  "id": "VAR-201407-0236",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "7d7fc402-463f-11e9-b23e-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e4a5d23c-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04531"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70306"
      }
    ],
    "trust": 1.53470696
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7fc402-463f-11e9-b23e-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e4a5d23c-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04531"
      }
    ]
  },
  "last_update_date": "2025-10-07T23:01:18.868000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Downloads ::: WebAccess Software",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/downloads.php?item=software"
      },
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-198-02"
      },
      {
        "title": "Advantech WebAccess Remote Verification Bypass Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/47826"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-249"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04531"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003490"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-592",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-70306"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003490"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2367"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.8,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-198-02"
      },
      {
        "trust": 1.0,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-198-02"
      },
      {
        "trust": 1.0,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2367"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2367"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-249"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04531"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70306"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-479"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003490"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2367"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "7d7fc402-463f-11e9-b23e-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e4a5d23c-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-249"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04531"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70306"
      },
      {
        "db": "BID",
        "id": "68716"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-479"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003490"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2367"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-07-24T00:00:00",
        "db": "IVD",
        "id": "7d7fc402-463f-11e9-b23e-000c29342cb1"
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "IVD",
        "id": "e4a5d23c-2351-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-249"
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04531"
      },
      {
        "date": "2014-07-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-70306"
      },
      {
        "date": "2014-07-15T00:00:00",
        "db": "BID",
        "id": "68716"
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-479"
      },
      {
        "date": "2014-07-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003490"
      },
      {
        "date": "2014-07-19T05:09:27.720000",
        "db": "NVD",
        "id": "CVE-2014-2367"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-249"
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04531"
      },
      {
        "date": "2014-07-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-70306"
      },
      {
        "date": "2014-07-22T00:07:00",
        "db": "BID",
        "id": "68716"
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-479"
      },
      {
        "date": "2014-07-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003490"
      },
      {
        "date": "2025-10-06T18:15:48.380000",
        "db": "NVD",
        "id": "CVE-2014-2367"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-479"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Advantech WebAccess Remote Authentication Bypass Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "7d7fc402-463f-11e9-b23e-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e4a5d23c-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-249"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04531"
      }
    ],
    "trust": 1.7
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-479"
      }
    ],
    "trust": 0.6
  }
}

VAR-201407-0237

Vulnerability from variot - Updated: 2025-10-07 23:01

The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with the bwocxrun ActiveX control, which allows for navigation from the network to the local file system. When combined with system settings and other components included as part of the installation, this allows for the activation of ActiveX controls resident on the local file system (even if not installed) without user interaction. An attacker can use this to install vulnerable controls on the target system. Advantech WebAccess HMI/SCADA is HMI/SCADA software. Advantech WebAccess is prone to a remote security weakness. This may aid in further attacks. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There is a security vulnerability in the 'BrowseFolder' method in the bwocxrun ActiveX control of Advantech WebAccess 7.1 and earlier.


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201407-0237",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "7.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "5.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "6.0"
      },
      {
        "model": "webaccess",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "6.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7fc401-463f-11e9-82e2-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e49f790a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-245"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04532"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-480"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003491"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2368"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003491"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Anonymous",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-245"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2014-2368",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-2368",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ics-cert@hq.dhs.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-2368",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.7,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-04532",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "7d7fc401-463f-11e9-82e2-000c29342cb1",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "e49f790a-2351-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-70307",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "ics-cert@hq.dhs.gov",
            "id": "CVE-2014-2368",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-2368",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-2368",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "ZDI",
            "id": "CVE-2014-2368",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-04532",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201407-480",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "7d7fc401-463f-11e9-82e2-000c29342cb1",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "e49f790a-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-70307",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7fc401-463f-11e9-82e2-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e49f790a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-245"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04532"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70307"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-480"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003491"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2368"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2368"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists with the bwocxrun ActiveX control, which allows for navigation from the network to the local file system. When combined with system settings and other components included as part of the installation, this allows for the activation of ActiveX controls resident on the local file system (even if not installed) without user interaction. An attacker can use this to install vulnerable controls on the target system. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess is prone to a remote security weakness. This may aid in further attacks. \nAdvantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There is a security vulnerability in the \u0027BrowseFolder\u0027 method in the bwocxrun ActiveX control of Advantech WebAccess 7.1 and earlier",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-2368"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003491"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-245"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04532"
      },
      {
        "db": "BID",
        "id": "68715"
      },
      {
        "db": "IVD",
        "id": "7d7fc401-463f-11e9-82e2-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e49f790a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70307"
      }
    ],
    "trust": 3.51
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-2368",
        "trust": 4.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-198-02",
        "trust": 3.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-480",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04532",
        "trust": 1.0
      },
      {
        "db": "BID",
        "id": "68715",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003491",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2061",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-245",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "7D7FC401-463F-11E9-82E2-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "E49F790A-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-70307",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7fc401-463f-11e9-82e2-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e49f790a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-245"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04532"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70307"
      },
      {
        "db": "BID",
        "id": "68715"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-480"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003491"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2368"
      }
    ]
  },
  "id": "VAR-201407-0237",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "7d7fc401-463f-11e9-82e2-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e49f790a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04532"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70307"
      }
    ],
    "trust": 1.53470696
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7fc401-463f-11e9-82e2-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e49f790a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04532"
      }
    ]
  },
  "last_update_date": "2025-10-07T23:01:18.729000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Downloads ::: WebAccess Software",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/downloads.php?item=software"
      },
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-198-02"
      },
      {
        "title": "Advantech WebAccess bwocxrun unsafe ActiveX control information disclosure vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/47825"
      },
      {
        "title": "AdvantechWebAccessCHNNode_20140606_3.4.3",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=50905"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-245"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04532"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-480"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003491"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-623",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-70307"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003491"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2368"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.8,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-198-02"
      },
      {
        "trust": 1.0,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-198-02"
      },
      {
        "trust": 1.0,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2368"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2368"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-245"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04532"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70307"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-480"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003491"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2368"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "7d7fc401-463f-11e9-82e2-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e49f790a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-245"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04532"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70307"
      },
      {
        "db": "BID",
        "id": "68715"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-480"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003491"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2368"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-07-24T00:00:00",
        "db": "IVD",
        "id": "7d7fc401-463f-11e9-82e2-000c29342cb1"
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "IVD",
        "id": "e49f790a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-245"
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04532"
      },
      {
        "date": "2014-07-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-70307"
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "BID",
        "id": "68715"
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-480"
      },
      {
        "date": "2014-07-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003491"
      },
      {
        "date": "2014-07-19T05:09:27.753000",
        "db": "NVD",
        "id": "CVE-2014-2368"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-245"
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04532"
      },
      {
        "date": "2014-07-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-70307"
      },
      {
        "date": "2014-07-22T00:07:00",
        "db": "BID",
        "id": "68715"
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-480"
      },
      {
        "date": "2014-07-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003491"
      },
      {
        "date": "2025-10-06T18:15:48.530000",
        "db": "NVD",
        "id": "CVE-2014-2368"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-480"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Advantech WebAccess bwocxrun Unsafe ActiveX Control Information Disclosure Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "7d7fc401-463f-11e9-82e2-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e49f790a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04532"
      }
    ],
    "trust": 1.0
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-480"
      }
    ],
    "trust": 0.6
  }
}

VAR-201407-0234

Vulnerability from variot - Updated: 2025-10-07 23:01

Unspecified vulnerability in Advantech WebAccess before 7.2 allows remote authenticated users to create or delete arbitrary files via unknown vectors. Authentication is not required to exploit this vulnerability. The specific flaw exists within the gmicons.asp functionality. An attacker may leverage this to run arbitrary code in the context of the WebAccess service. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems. Advantech WebAccess is prone to a remote code-execution vulnerability. Failed exploit attempts will likely cause a denial-of-service condition. Advantech WebAccess 7.1 and prior are vulnerable. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech. There are security vulnerabilities in Advantech WebAccess 7.1 and earlier versions. Note: this summary appears to combine text from several source databases, and its statements disagree on whether authentication is required; the NVD CVSS v2 entry in the record below gives Au:S (single authentication), so consult the original advisories when assessing exposure.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d71e152-463f-11e9-af14-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e482e66e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-251"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04462"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-477"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003488"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2365"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003488"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "John Leitch",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-251"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2014-2365",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.0,
            "id": "CVE-2014-2365",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "ics-cert@hq.dhs.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2014-2365",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.7,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.0,
            "id": "CNVD-2014-04462",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.0,
            "id": "7d71e152-463f-11e9-af14-000c29342cb1",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.0,
            "id": "e482e66e-2351-11e6-abef-000c29c66e3d",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.0,
            "id": "VHN-70304",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:N/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "ics-cert@hq.dhs.gov",
            "id": "CVE-2014-2365",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-2365",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-2365",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "ZDI",
            "id": "CVE-2014-2365",
            "trust": 0.7,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-04462",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201407-477",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "7d71e152-463f-11e9-af14-000c29342cb1",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "e482e66e-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-70304",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d71e152-463f-11e9-af14-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e482e66e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-251"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04462"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70304"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-477"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003488"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2365"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2365"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "Unspecified vulnerability in Advantech WebAccess before 7.2 allows remote authenticated users to create or delete arbitrary files via unknown vectors. Authentication is not required to exploit this vulnerability. The specific flaw exists within the gmicons.asp functionality. An attacker may leverage this to run arbitrary code in the context of the WebAccess service. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems. Advantech WebAccess is prone to a remote code-execution vulnerability. Failed exploit attempts will likely cause a denial-of-service condition. \nAdvantech WebAccess 7.1 and prior are vulnerable. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech. There are security vulnerabilities in Advantech WebAccess 7.1 and earlier versions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-2365"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003488"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-251"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04462"
      },
      {
        "db": "BID",
        "id": "68718"
      },
      {
        "db": "IVD",
        "id": "7d71e152-463f-11e9-af14-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e482e66e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70304"
      }
    ],
    "trust": 3.51
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-2365",
        "trust": 4.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-198-02",
        "trust": 2.5
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-477",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04462",
        "trust": 1.0
      },
      {
        "db": "BID",
        "id": "68718",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003488",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2086",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-251",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "7D71E152-463F-11E9-AF14-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "E482E66E-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-70304",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d71e152-463f-11e9-af14-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e482e66e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-251"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04462"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70304"
      },
      {
        "db": "BID",
        "id": "68718"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-477"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003488"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2365"
      }
    ]
  },
  "id": "VAR-201407-0234",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "7d71e152-463f-11e9-af14-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e482e66e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04462"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70304"
      }
    ],
    "trust": 1.53470696
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d71e152-463f-11e9-af14-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e482e66e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04462"
      }
    ]
  },
  "last_update_date": "2025-10-07T23:01:18.680000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Downloads ::: WebAccess Software",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/downloads.php?item=software"
      },
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-198-02"
      },
      {
        "title": "Patch for Advantech WebAccess Remote Code Execution Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/47712"
      },
      {
        "title": "AdvantechWebAccessCHNNode_20140606_3.4.3",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=50905"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-251"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04462"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-477"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003488"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-284",
        "trust": 1.0
      },
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-2365"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 3.2,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-198-02"
      },
      {
        "trust": 1.0,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-198-02"
      },
      {
        "trust": 1.0,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2365"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2365"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/68718"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-251"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04462"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70304"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-477"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003488"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2365"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "7d71e152-463f-11e9-af14-000c29342cb1",
        "ident": null
      },
      {
        "db": "IVD",
        "id": "e482e66e-2351-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-251",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04462",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-70304",
        "ident": null
      },
      {
        "db": "BID",
        "id": "68718",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-477",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003488",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2365",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-07-22T00:00:00",
        "db": "IVD",
        "id": "7d71e152-463f-11e9-af14-000c29342cb1",
        "ident": null
      },
      {
        "date": "2014-07-22T00:00:00",
        "db": "IVD",
        "id": "e482e66e-2351-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-251",
        "ident": null
      },
      {
        "date": "2014-07-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04462",
        "ident": null
      },
      {
        "date": "2014-07-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-70304",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "BID",
        "id": "68718",
        "ident": null
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-477",
        "ident": null
      },
      {
        "date": "2014-07-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003488",
        "ident": null
      },
      {
        "date": "2014-07-19T05:09:27.627000",
        "db": "NVD",
        "id": "CVE-2014-2365",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-251",
        "ident": null
      },
      {
        "date": "2014-07-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04462",
        "ident": null
      },
      {
        "date": "2014-07-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-70304",
        "ident": null
      },
      {
        "date": "2014-07-22T00:07:00",
        "db": "BID",
        "id": "68718",
        "ident": null
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-477",
        "ident": null
      },
      {
        "date": "2014-07-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003488",
        "ident": null
      },
      {
        "date": "2025-10-06T18:15:48.070000",
        "db": "NVD",
        "id": "CVE-2014-2365",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-477"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess Remote code execution vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "7d71e152-463f-11e9-af14-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e482e66e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-251"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04462"
      }
    ],
    "trust": 1.7
  },
  "type": {
    "_id": null,
    "data": "Code injection",
    "sources": [
      {
        "db": "IVD",
        "id": "7d71e152-463f-11e9-af14-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e482e66e-2351-11e6-abef-000c29c66e3d"
      }
    ],
    "trust": 0.4
  }
}

VAR-201407-0235

Vulnerability from variot - Updated: 2025-10-07 23:01

upAdminPg.asp in Advantech WebAccess before 7.2 allows remote authenticated users to discover credentials by reading HTML source code. This vulnerability allows remote attackers to disclose arbitrary credentials on vulnerable versions of Advantech WebAccess. Authentication is required to exploit this vulnerability. The specific flaw exists within the upAdminPg.asp component. An authenticated user can provide an arbitrary existing account name to this page and receive the account password. An attacker can leverage this vulnerability to then authenticate as the WebAccess Administrator. Advantech WebAccess HMI/SCADA is HMI/SCADA software. Advantech WebAccess has a password disclosure vulnerability: its upAdminPg.asp component contains passwords for specific accounts, allowing attackers to exploit the vulnerability to obtain sensitive information. Advantech WebAccess is prone to a remote information-disclosure vulnerability. This may aid in further attacks. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment. There are security vulnerabilities in the upAdminPg.asp script of Advantech WebAccess 7.1 and earlier versions. Note: the sources aggregated in this entry disagree on severity; the NVD CVSS v2 vector scores confidentiality impact only (4.0, MEDIUM), while the ICS-CERT vector scores complete impact (9.0, HIGH), presumably reflecting the administrator access that the disclosed credentials make possible.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7feb0f-463f-11e9-8e94-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e493ef22-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-250"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04530"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-478"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003489"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2366"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003489"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "John Leitch",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-250"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2014-2366",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2014-2366",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "ics-cert@hq.dhs.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "CVE-2014-2366",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.7,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "CNVD-2014-04530",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "7d7feb0f-463f-11e9-8e94-000c29342cb1",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "e493ef22-2351-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "VHN-70305",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "ics-cert@hq.dhs.gov",
            "id": "CVE-2014-2366",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-2366",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-2366",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "ZDI",
            "id": "CVE-2014-2366",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-04530",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201407-478",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "7d7feb0f-463f-11e9-8e94-000c29342cb1",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "e493ef22-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-70305",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7feb0f-463f-11e9-8e94-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e493ef22-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-250"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04530"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70305"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-478"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003489"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2366"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2366"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "upAdminPg.asp in Advantech WebAccess before 7.2 allows remote authenticated users to discover credentials by reading HTML source code. This vulnerability allows remote attackers to disclose arbitrary credentials on vulnerable versions of Advantech WebAccess. Authentication is required to exploit this vulnerability. The specific flaw exists within the upAdminPg.asp component. An authenticated user can provide an arbitrary existing account name to this page and receive the account password. An attacker can leverage this vulnerability to then authenticate as the WebAccess Administrator. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess has a password disclosure vulnerability, and its upAdminPg.asp component contains passwords for specific accounts, allowing attackers to exploit vulnerabilities to obtain sensitive information. Advantech WebAccess is prone to a remote information-disclosure vulnerability. This may aid in further attacks. \nAdvantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There are security holes in the upAdminPg.asp script of Advantech WebAccess 7.1 and earlier versions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-2366"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003489"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-250"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04530"
      },
      {
        "db": "BID",
        "id": "68717"
      },
      {
        "db": "IVD",
        "id": "7d7feb0f-463f-11e9-8e94-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e493ef22-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70305"
      }
    ],
    "trust": 3.51
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-2366",
        "trust": 4.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-198-02",
        "trust": 3.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-478",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04530",
        "trust": 1.0
      },
      {
        "db": "BID",
        "id": "68717",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003489",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2085",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-250",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "7D7FEB0F-463F-11E9-8E94-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "E493EF22-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-70305",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7feb0f-463f-11e9-8e94-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e493ef22-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-250"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04530"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70305"
      },
      {
        "db": "BID",
        "id": "68717"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-478"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003489"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2366"
      }
    ]
  },
  "id": "VAR-201407-0235",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "7d7feb0f-463f-11e9-8e94-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e493ef22-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04530"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70305"
      }
    ],
    "trust": 1.53470696
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7feb0f-463f-11e9-8e94-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e493ef22-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04530"
      }
    ]
  },
  "last_update_date": "2025-10-07T23:01:18.629000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Downloads ::: WebAccess Software",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/downloads.php?item=software"
      },
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-198-02"
      },
      {
        "title": "Patch for Advantech WebAccess Password Disclosure Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/47827"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-250"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04530"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003489"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-316",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-70305"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003489"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2366"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 3.8,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-198-02"
      },
      {
        "trust": 1.0,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-198-02"
      },
      {
        "trust": 1.0,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2366"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2366"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-250"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04530"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70305"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-478"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003489"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2366"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "7d7feb0f-463f-11e9-8e94-000c29342cb1",
        "ident": null
      },
      {
        "db": "IVD",
        "id": "e493ef22-2351-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-250",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04530",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-70305",
        "ident": null
      },
      {
        "db": "BID",
        "id": "68717",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-478",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003489",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2366",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-07-24T00:00:00",
        "db": "IVD",
        "id": "7d7feb0f-463f-11e9-8e94-000c29342cb1",
        "ident": null
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "IVD",
        "id": "e493ef22-2351-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-250",
        "ident": null
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04530",
        "ident": null
      },
      {
        "date": "2014-07-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-70305",
        "ident": null
      },
      {
        "date": "2014-07-15T00:00:00",
        "db": "BID",
        "id": "68717",
        "ident": null
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-478",
        "ident": null
      },
      {
        "date": "2014-07-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003489",
        "ident": null
      },
      {
        "date": "2014-07-19T05:09:27.673000",
        "db": "NVD",
        "id": "CVE-2014-2366",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-250",
        "ident": null
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04530",
        "ident": null
      },
      {
        "date": "2014-07-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-70305",
        "ident": null
      },
      {
        "date": "2014-07-22T00:07:00",
        "db": "BID",
        "id": "68717",
        "ident": null
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-478",
        "ident": null
      },
      {
        "date": "2014-07-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003489",
        "ident": null
      },
      {
        "date": "2025-10-06T18:15:48.223000",
        "db": "NVD",
        "id": "CVE-2014-2366",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-478"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess Password Disclosure Vulnerability",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-250"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04530"
      }
    ],
    "trust": 1.3
  },
  "type": {
    "_id": null,
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-478"
      }
    ],
    "trust": 0.6
  }
}

VAR-201404-0546

Vulnerability from variot - Updated: 2025-09-21 23:04

The BWOCXRUN.BwocxrunCtrl.1 control contains a method named “OpenUrlToBuffer.” This method takes a URL as a parameter and returns its contents to the caller in JavaScript. The URLs are accessed in the security context of the current browser session. The control does not perform any URL validation and allows “file://” URLs that access the local disk.

The method can be used to open a URL (including file URLs) and read file URLs through JavaScript. This method could also be used to reach any arbitrary URL to which the browser has access. This vulnerability allows remote attackers to access arbitrary files on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the bwocxrun.ocx control. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7271c1ce-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf370-463f-11e9-80e2-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "166da128-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-137"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02264"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-176"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001981"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0771"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001981"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Anonymous",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-137"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2014-0771",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-0771",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 2.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ics-cert@hq.dhs.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-0771",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-02264",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "7271c1ce-1edf-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "7d7bf370-463f-11e9-80e2-000c29342cb1",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "166da128-2352-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-68264",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "ics-cert@hq.dhs.gov",
            "id": "CVE-2014-0771",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-0771",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-0771",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "ZDI",
            "id": "CVE-2014-0771",
            "trust": 0.7,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-02264",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201404-176",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "7271c1ce-1edf-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "7d7bf370-463f-11e9-80e2-000c29342cb1",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "166da128-2352-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-68264",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7271c1ce-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf370-463f-11e9-80e2-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "166da128-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-137"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02264"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68264"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-176"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001981"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0771"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0771"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "The BWOCXRUN.BwocxrunCtrl.1 control contains a method named \n\u201cOpenUrlToBuffer.\u201d This method takes a URL as a parameter and returns \nits contents to the caller in JavaScript. The URLs are accessed in the \nsecurity context of the current browser session. The control does not \nperform any URL validation and allows \u201cfile://\u201d URLs that access the \nlocal disk. \n\n\nThe method can be used to open a URL (including file URLs) and read \nfile URLs through JavaScript. This method could also be used to reach \nany arbitrary URL to which the browser has access. This vulnerability allows remote attackers to access arbitrary files on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the bwocxrun.ocx control. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess is prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. \nAdvantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-0771"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001981"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-137"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02264"
      },
      {
        "db": "BID",
        "id": "66750"
      },
      {
        "db": "IVD",
        "id": "7271c1ce-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf370-463f-11e9-80e2-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "166da128-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68264"
      }
    ],
    "trust": 3.69
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-0771",
        "trust": 4.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-079-03",
        "trust": 3.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-176",
        "trust": 1.3
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02264",
        "trust": 1.2
      },
      {
        "db": "BID",
        "id": "66750",
        "trust": 1.0
      },
      {
        "db": "BID",
        "id": "66740",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001981",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2093",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-137",
        "trust": 0.7
      },
      {
        "db": "OSVDB",
        "id": "105569",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "57873",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "7271C1CE-1EDF-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "7D7BF370-463F-11E9-80E2-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "166DA128-2352-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-68264",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7271c1ce-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf370-463f-11e9-80e2-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "166da128-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-137"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02264"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68264"
      },
      {
        "db": "BID",
        "id": "66750"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-176"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001981"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0771"
      }
    ]
  },
  "id": "VAR-201404-0546",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "7271c1ce-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf370-463f-11e9-80e2-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "166da128-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02264"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68264"
      }
    ],
    "trust": 1.73470696
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7271c1ce-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf370-463f-11e9-80e2-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "166da128-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02264"
      }
    ]
  },
  "last_update_date": "2025-09-21T23:04:14.221000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Downloads ::: WebAccess Software",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/downloads.php?item=software"
      },
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://www.advantech.co.jp/products/GF-1M94V/Advantech-WebAccess/mod_B975C492-56B3-4EBA-8BBB-5B6D3483EE9D.aspx"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03"
      },
      {
        "title": "Advantech WebAccess bwocxrun.ocx patch for arbitrary file access vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/44788"
      },
      {
        "title": "AdvantechWebAccessCHNNode_2014.03.03_3.3.1",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49251"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-137"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02264"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-176"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001981"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-538",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-68264"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001981"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0771"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 3.8,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-079-03"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/bid/66740"
      },
      {
        "trust": 1.0,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "trust": 1.0,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0771"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0771"
      },
      {
        "trust": 0.6,
        "url": "http://osvdb.com/show/osvdb/105569"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/57873"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-137"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02264"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68264"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-176"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001981"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0771"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "7271c1ce-1edf-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "IVD",
        "id": "7d7bf370-463f-11e9-80e2-000c29342cb1",
        "ident": null
      },
      {
        "db": "IVD",
        "id": "166da128-2352-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-137",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02264",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-68264",
        "ident": null
      },
      {
        "db": "BID",
        "id": "66750",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-176",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001981",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0771",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "7271c1ce-1edf-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "7d7bf370-463f-11e9-80e2-000c29342cb1",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "166da128-2352-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2014-05-19T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-137",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02264",
        "ident": null
      },
      {
        "date": "2014-04-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68264",
        "ident": null
      },
      {
        "date": "2014-04-08T00:00:00",
        "db": "BID",
        "id": "66750",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-176",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001981",
        "ident": null
      },
      {
        "date": "2014-04-12T04:37:31.643000",
        "db": "NVD",
        "id": "CVE-2014-0771",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-05-19T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-137",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02264",
        "ident": null
      },
      {
        "date": "2014-04-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68264",
        "ident": null
      },
      {
        "date": "2014-04-08T00:00:00",
        "db": "BID",
        "id": "66750",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-176",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001981",
        "ident": null
      },
      {
        "date": "2025-09-19T20:15:37.683000",
        "db": "NVD",
        "id": "CVE-2014-0771",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-176"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess bwocxrun.ocx Arbitrary File Access Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "7271c1ce-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf370-463f-11e9-80e2-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "166da128-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02264"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "_id": null,
    "data": "Information leakage",
    "sources": [
      {
        "db": "IVD",
        "id": "7271c1ce-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf370-463f-11e9-80e2-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "166da128-2352-11e6-abef-000c29c66e3d"
      }
    ],
    "trust": 0.6
  }
}

VAR-201404-0539

Vulnerability from variot - Updated: 2025-09-21 23:04

By providing an overly long string to the NodeName parameter, an attacker may be able to overflow the static stack buffer. The attacker may then execute code on the target device remotely. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the webvact.ocx ActiveX Control. Advantech WebAccess HMI/SCADA is an HMI/SCADA software package. Advantech WebAccess fails to properly filter user input when processing NodeName parameters, so a remote attacker can submit crafted parameters that trigger a stack buffer overflow, causing the application to crash or execute arbitrary code. Advantech WebAccess is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed attempts will likely cause a denial-of-service condition. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment. There is a stack-based buffer overflow vulnerability in Advantech WebAccess 7.1 and earlier versions. The patch entries in this record reference ICS-CERT advisory ICSA-14-079-03, which states that Advantech has issued an update to correct this vulnerability.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "*"
      },
      {
        "_id": null,
        "model": "broadwin webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "7.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "2b34b2f8-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1645f628-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7c1a80-463f-11e9-a220-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-076"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02262"
      },
      {
        "db": "BID",
        "id": "66718"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-170"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001975"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0764"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001975"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Tom Gallagher",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-076"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2014-0764",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ics-cert@hq.dhs.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-0764",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 3.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-02262",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "2b34b2f8-1edf-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "1645f628-2352-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "7d7c1a80-463f-11e9-a220-000c29342cb1",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-68257",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "ics-cert@hq.dhs.gov",
            "id": "CVE-2014-0764",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-0764",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-0764",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2014-0764",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-02262",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201404-170",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "2b34b2f8-1edf-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "1645f628-2352-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "7d7c1a80-463f-11e9-a220-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-68257",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "2b34b2f8-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1645f628-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7c1a80-463f-11e9-a220-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-076"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02262"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68257"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-170"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001975"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0764"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0764"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "By providing an overly long string to the NodeName parameter, an \nattacker may be able to overflow the static stack buffer. The attacker \nmay then execute code on the target device remotely. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the webvact.ocx ActiveX Control. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess fails to properly filter user input when processing NodeName parameters, allowing remote attackers to exploit vulnerabilities to submit special parameters that trigger stack buffer overflows, allowing applications to crash or execute arbitrary code. Advantech WebAccess is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed attempts will likely cause a denial-of-service condition. \nAdvantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There is a stack-based buffer overflow vulnerability in Advantech WebAccess 7.1 and earlier versions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-0764"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001975"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-076"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02262"
      },
      {
        "db": "BID",
        "id": "66718"
      },
      {
        "db": "IVD",
        "id": "2b34b2f8-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1645f628-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7c1a80-463f-11e9-a220-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68257"
      }
    ],
    "trust": 3.69
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-0764",
        "trust": 4.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-079-03",
        "trust": 3.1
      },
      {
        "db": "BID",
        "id": "66718",
        "trust": 2.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-170",
        "trust": 1.3
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02262",
        "trust": 1.2
      },
      {
        "db": "BID",
        "id": "66740",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001975",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2009",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-076",
        "trust": 0.7
      },
      {
        "db": "OSVDB",
        "id": "105573",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "57873",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "2B34B2F8-1EDF-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "1645F628-2352-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "7D7C1A80-463F-11E9-A220-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-68257",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "2b34b2f8-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1645f628-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7c1a80-463f-11e9-a220-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-076"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02262"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68257"
      },
      {
        "db": "BID",
        "id": "66718"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-170"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001975"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0764"
      }
    ]
  },
  "id": "VAR-201404-0539",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "2b34b2f8-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1645f628-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7c1a80-463f-11e9-a220-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02262"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68257"
      }
    ],
    "trust": 1.951177005
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "2b34b2f8-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1645f628-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7c1a80-463f-11e9-a220-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02262"
      }
    ]
  },
  "last_update_date": "2025-09-21T23:04:14.164000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://www.advantech.co.jp/products/GF-1M94V/Advantech-WebAccess/mod_B975C492-56B3-4EBA-8BBB-5B6D3483EE9D.aspx"
      },
      {
        "title": "Downloads ::: WebAccess Software",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/downloads.php?item=software"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03"
      },
      {
        "title": "Patch for Advantech WebAccess NodeName parameter handling stack buffer overflow vulnerability (CNVD-2014-02262)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/44786"
      },
      {
        "title": "AdvantechWebAccessCHNNode_2014.03.03_3.3.1",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49251"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-076"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02262"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-170"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001975"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-121",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-68257"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001975"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0764"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 3.8,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-079-03"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/66718"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/bid/66740"
      },
      {
        "trust": 1.0,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "trust": 1.0,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0764"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0764"
      },
      {
        "trust": 0.6,
        "url": "http://osvdb.com/show/osvdb/105573"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/57873"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-076"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02262"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68257"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-170"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001975"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0764"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "2b34b2f8-1edf-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "IVD",
        "id": "1645f628-2352-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "IVD",
        "id": "7d7c1a80-463f-11e9-a220-000c29342cb1",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-076",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02262",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-68257",
        "ident": null
      },
      {
        "db": "BID",
        "id": "66718",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-170",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001975",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0764",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "2b34b2f8-1edf-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "1645f628-2352-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "7d7c1a80-463f-11e9-a220-000c29342cb1",
        "ident": null
      },
      {
        "date": "2014-04-10T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-076",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02262",
        "ident": null
      },
      {
        "date": "2014-04-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68257",
        "ident": null
      },
      {
        "date": "2014-04-08T00:00:00",
        "db": "BID",
        "id": "66718",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-170",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001975",
        "ident": null
      },
      {
        "date": "2014-04-12T04:37:31.470000",
        "db": "NVD",
        "id": "CVE-2014-0764",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-04-10T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-076",
        "ident": null
      },
      {
        "date": "2014-04-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02262",
        "ident": null
      },
      {
        "date": "2015-07-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68257",
        "ident": null
      },
      {
        "date": "2014-04-17T00:40:00",
        "db": "BID",
        "id": "66718",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-170",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001975",
        "ident": null
      },
      {
        "date": "2025-09-19T19:15:37.717000",
        "db": "NVD",
        "id": "CVE-2014-0764",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-170"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess Vulnerable to stack-based buffer overflow",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001975"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "2b34b2f8-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1645f628-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7c1a80-463f-11e9-a220-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-170"
      }
    ],
    "trust": 1.2
  }
}

VAR-201404-0543

Vulnerability from variot - Updated: 2025-09-21 23:04

An attacker may pass an overly long value in the AccessCode2 argument to the control to overflow the static stack buffer. The attacker may then remotely execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the webvact.ocx ActiveX Control. The control does not check the length of an attacker-supplied AccessCode2 string before copying it into a fixed-length buffer on the stack. Advantech WebAccess HMI/SCADA is an HMI/SCADA software package. Advantech WebAccess fails to properly filter user input when processing Username parameters, so a remote attacker can submit crafted parameters that trigger a stack buffer overflow, causing the application to crash or execute arbitrary code. Advantech WebAccess is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed attempts will likely cause a denial-of-service condition. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment. There is a stack-based buffer overflow vulnerability in Advantech WebAccess 7.1 and earlier versions.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "*"
      },
      {
        "_id": null,
        "model": "broadwin webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "7.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "3013e55a-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "167bb862-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-116"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02245"
      },
      {
        "db": "BID",
        "id": "66732"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-174"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001979"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0768"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001979"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Tom Gallagher",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-116"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2014-0768",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ics-cert@hq.dhs.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-0768",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 3.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-02245",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "3013e55a-1edf-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "167bb862-2352-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-68261",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "ics-cert@hq.dhs.gov",
            "id": "CVE-2014-0768",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-0768",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-0768",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2014-0768",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-02245",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201404-174",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "3013e55a-1edf-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "167bb862-2352-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-68261",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "3013e55a-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "167bb862-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-116"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02245"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68261"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-174"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001979"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0768"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0768"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "An attacker may pass an overly long value from the AccessCode2 argument \nto the control to overflow the static stack buffer. The attacker may \nthen remotely execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the webvact.ocx ActiveX Control. The control does not check the length of an attacker-supplied AccessCode2 string before copying it into a fixed length buffer on the stack. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess fails to properly filter user input when processing Username parameters, allowing remote attackers to exploit vulnerabilities to submit special parameters that trigger stack buffer overflows, allowing applications to crash or execute arbitrary code. Advantech WebAccess is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed attempts will likely cause a denial-of-service condition. \nAdvantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There is a stack-based buffer overflow vulnerability in Advantech WebAccess 7.1 and earlier versions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-0768"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001979"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-116"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02245"
      },
      {
        "db": "BID",
        "id": "66732"
      },
      {
        "db": "IVD",
        "id": "3013e55a-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "167bb862-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68261"
      }
    ],
    "trust": 3.51
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-0768",
        "trust": 4.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-079-03",
        "trust": 3.1
      },
      {
        "db": "BID",
        "id": "66732",
        "trust": 2.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-174",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02245",
        "trust": 1.0
      },
      {
        "db": "BID",
        "id": "66740",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001979",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2013",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-116",
        "trust": 0.7
      },
      {
        "db": "OSVDB",
        "id": "105567",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "57873",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "3013E55A-1EDF-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "167BB862-2352-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-68261",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "3013e55a-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "167bb862-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-116"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02245"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68261"
      },
      {
        "db": "BID",
        "id": "66732"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-174"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001979"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0768"
      }
    ]
  },
  "id": "VAR-201404-0543",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "3013e55a-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "167bb862-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02245"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68261"
      }
    ],
    "trust": 1.7511770050000002
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "3013e55a-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "167bb862-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02245"
      }
    ]
  },
  "last_update_date": "2025-09-21T23:04:14.113000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://www.advantech.co.jp/products/GF-1M94V/Advantech-WebAccess/mod_B975C492-56B3-4EBA-8BBB-5B6D3483EE9D.aspx"
      },
      {
        "title": "Downloads ::: WebAccess Software",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/downloads.php?item=software"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03"
      },
      {
        "title": "Advantech WebAccess userName parameter handles patch buffer overflow vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/44784"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-116"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02245"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001979"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-121",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-68261"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001979"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0768"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 3.8,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-079-03"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/66732"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/bid/66740"
      },
      {
        "trust": 1.0,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "trust": 1.0,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0768"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0768"
      },
      {
        "trust": 0.6,
        "url": "http://osvdb.com/show/osvdb/105567"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/57873"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-116"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02245"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68261"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-174"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001979"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0768"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "3013e55a-1edf-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "IVD",
        "id": "167bb862-2352-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-116",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02245",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-68261",
        "ident": null
      },
      {
        "db": "BID",
        "id": "66732",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-174",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001979",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0768",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "3013e55a-1edf-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "167bb862-2352-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2014-04-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-116",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02245",
        "ident": null
      },
      {
        "date": "2014-04-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68261",
        "ident": null
      },
      {
        "date": "2014-04-08T00:00:00",
        "db": "BID",
        "id": "66732",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-174",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001979",
        "ident": null
      },
      {
        "date": "2014-04-12T04:37:31.597000",
        "db": "NVD",
        "id": "CVE-2014-0768",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-04-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-116",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02245",
        "ident": null
      },
      {
        "date": "2015-07-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68261",
        "ident": null
      },
      {
        "date": "2014-09-03T14:26:00",
        "db": "BID",
        "id": "66732",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-174",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001979",
        "ident": null
      },
      {
        "date": "2025-09-19T20:15:37.343000",
        "db": "NVD",
        "id": "CVE-2014-0768",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-174"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess Vulnerable to stack-based buffer overflow",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001979"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "3013e55a-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "167bb862-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-174"
      }
    ],
    "trust": 1.0
  }
}

VAR-201404-0548

Vulnerability from variot - Updated: 2025-09-21 23:04

The BWOCXRUN.BwocxrunCtrl.1 control contains a method named “CreateProcess.” This method contains validation to ensure an attacker cannot run arbitrary command lines. After validation, the values supplied in the HTML are passed to the Windows CreateProcessA API.

The validation can be bypassed, allowing arbitrary command lines to be run. The command line can specify running remote files (example: UNC command line).

A function exists at offset 100019B0 of bwocxrun.ocx. Inside this function, there are 3 calls to strstr to check the contents of the user-specified command line. If “\setup.exe,” “\bwvbprt.exe,” or “\bwvbprtl.exe” is contained in the command line (strstr returns a nonzero value), the command line passes validation and is then passed to CreateProcessA. Because this is a substring test rather than a comparison against a complete, expected path, it does not restrict which program the command line actually launches. In Advantech WebAccess, a vulnerability exists in the CreateProcess method of the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx that allows execution of the (1) setup.exe, (2) bwvbprt.exe, and (3) bwvbprtl.exe programs from any pathname. Supplementary information: the vulnerability type has been identified as CWE-77: Improper Neutralization of Special Elements used in a Command (Command Injection). http://cwe.mitre.org/data/definitions/77.html A third party may execute the (1) setup.exe, (2) bwvbprt.exe, and (3) bwvbprtl.exe programs from an arbitrary pathname via a crafted argument. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within bwocxrun.ocx. The control exposes a scriptable method 'CreateProcess'. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201404-0548",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "5.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "7.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "6.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "model": "webaccess",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "6.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "704a2dd2-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "16b76f4c-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bcc5f-463f-11e9-aa10-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-139"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02268"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-178"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001983"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0773"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001983"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Anonymous",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-139"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2014-0773",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ics-cert@hq.dhs.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-0773",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 3.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-02268",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "704a2dd2-1edf-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "16b76f4c-2352-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "7d7bcc5f-463f-11e9-aa10-000c29342cb1",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-68266",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "ics-cert@hq.dhs.gov",
            "id": "CVE-2014-0773",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-0773",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-0773",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2014-0773",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-02268",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201404-178",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "704a2dd2-1edf-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "16b76f4c-2352-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "7d7bcc5f-463f-11e9-aa10-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-68266",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "704a2dd2-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "16b76f4c-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bcc5f-463f-11e9-aa10-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-139"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02268"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68266"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-178"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001983"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0773"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0773"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The BWOCXRUN.BwocxrunCtrl.1 control contains a method named \n\u201cCreateProcess.\u201d This method contains validation to ensure an attacker \ncannot run arbitrary command lines. After validation, the values \nsupplied in the HTML are passed to the Windows CreateProcessA API. \n\n\nThe validation can be bypassed allowing for running arbitrary command\n lines. The command line can specify running remote files (example: UNC \ncommand line). \n\n\nA function exists at offset 100019B0 of bwocxrun.ocx. Inside this \nfunction, there are 3 calls to strstr to check the contents of the user \nspecified command line. If \u201c\\setup.exe,\u201d \u201c\\bwvbprt.exe,\u201d or \n\u201c\\bwvbprtl.exe\u201d are contained in the command line (strstr returns \nnonzero value), the command line passes validation and is then passed to\n CreateProcessA. Advantech WebAccess of bwocxrun.ocx Inside BWOCXRUN.BwocxrunCtrl.1 ActiveX Control CreateProcess Method from any pathname (1) setup.exe , (2) bwvbprt.exe ,and (3) bwvbprtl.exe A vulnerability exists that allows program execution. Supplementary information : CWE Vulnerability type by CWE-77: Improper Neutralization of Special Elements used in a Command ( Command injection ) Has been identified. http://cwe.mitre.org/data/definitions/77.html From an arbitrary path name via a crafted argument by a third party (1) setup.exe , (2) bwvbprt.exe ,and (3) bwvbprtl.exe The program may be executed. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the bwocxrun.ocx. The control exposes a scriptable method \u0027CreateProcess\u0027. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. \nAdvantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-0773"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001983"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-139"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02268"
      },
      {
        "db": "BID",
        "id": "66742"
      },
      {
        "db": "IVD",
        "id": "704a2dd2-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "16b76f4c-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bcc5f-463f-11e9-aa10-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68266"
      }
    ],
    "trust": 3.69
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-0773",
        "trust": 4.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-079-03",
        "trust": 3.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-178",
        "trust": 1.3
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02268",
        "trust": 1.2
      },
      {
        "db": "BID",
        "id": "66742",
        "trust": 1.0
      },
      {
        "db": "BID",
        "id": "66740",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001983",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2095",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-139",
        "trust": 0.7
      },
      {
        "db": "OSVDB",
        "id": "105571",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "57873",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "704A2DD2-1EDF-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "16B76F4C-2352-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "7D7BCC5F-463F-11E9-AA10-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-68266",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "704a2dd2-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "16b76f4c-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bcc5f-463f-11e9-aa10-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-139"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02268"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68266"
      },
      {
        "db": "BID",
        "id": "66742"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-178"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001983"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0773"
      }
    ]
  },
  "id": "VAR-201404-0548",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "704a2dd2-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "16b76f4c-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bcc5f-463f-11e9-aa10-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02268"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68266"
      }
    ],
    "trust": 1.73470696
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "704a2dd2-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "16b76f4c-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bcc5f-463f-11e9-aa10-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02268"
      }
    ]
  },
  "last_update_date": "2025-09-21T23:04:14.061000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Downloads ::: WebAccess Software",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/downloads.php?item=software"
      },
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://www.advantech.co.jp/products/GF-1M94V/Advantech-WebAccess/mod_B975C492-56B3-4EBA-8BBB-5B6D3483EE9D.aspx"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03"
      },
      {
        "title": "Advantech WebAccess bwocxrun.ocx CreateProcess method remote command execution vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/44791"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-139"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02268"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001983"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-77",
        "trust": 1.0
      },
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001983"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0773"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.8,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-079-03"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/bid/66740"
      },
      {
        "trust": 1.0,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "trust": 1.0,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0773"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0773"
      },
      {
        "trust": 0.6,
        "url": "http://osvdb.com/show/osvdb/105571"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/57873"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-139"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02268"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68266"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-178"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001983"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0773"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "704a2dd2-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "16b76f4c-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bcc5f-463f-11e9-aa10-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-139"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02268"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68266"
      },
      {
        "db": "BID",
        "id": "66742"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-178"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001983"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0773"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "704a2dd2-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "16b76f4c-2352-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "7d7bcc5f-463f-11e9-aa10-000c29342cb1"
      },
      {
        "date": "2014-05-19T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-139"
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02268"
      },
      {
        "date": "2014-04-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68266"
      },
      {
        "date": "2014-04-08T00:00:00",
        "db": "BID",
        "id": "66742"
      },
      {
        "date": "2014-04-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-178"
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001983"
      },
      {
        "date": "2014-04-12T04:37:31.707000",
        "db": "NVD",
        "id": "CVE-2014-0773"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-05-19T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-139"
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02268"
      },
      {
        "date": "2014-04-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68266"
      },
      {
        "date": "2014-04-08T00:00:00",
        "db": "BID",
        "id": "66742"
      },
      {
        "date": "2014-04-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-178"
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001983"
      },
      {
        "date": "2025-09-19T20:15:38.027000",
        "db": "NVD",
        "id": "CVE-2014-0773"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-178"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Advantech WebAccess bwocxrun.ocx CreateProcess Method Remote Command Execution Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "704a2dd2-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "16b76f4c-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bcc5f-463f-11e9-aa10-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02268"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Command injection",
    "sources": [
      {
        "db": "IVD",
        "id": "704a2dd2-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "16b76f4c-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bcc5f-463f-11e9-aa10-000c29342cb1"
      }
    ],
    "trust": 0.6
  }
}

VAR-201404-0541

Vulnerability from variot - Updated: 2025-09-21 23:04

An attacker can exploit this vulnerability by supplying an overly long NodeName2 argument, which is copied into a statically sized buffer on the stack and overflows it. An attacker may use this vulnerability to remotely execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the webvact.ocx ActiveX Control. The control does not check the length of an attacker-supplied NodeName2 string before copying it into a fixed length buffer on the stack. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess fails to properly filter user input when processing NodeName2 parameters, allowing remote attackers to submit crafted parameters that trigger a stack buffer overflow, causing the application to crash or execute arbitrary code. Failed attempts will likely cause a denial-of-service condition. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There is a stack-based buffer overflow vulnerability in Advantech WebAccess 7.1 and earlier versions.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "*"
      },
      {
        "_id": null,
        "model": "broadwin webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "7.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0cd436b2-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "168cdc96-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-073"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02242"
      },
      {
        "db": "BID",
        "id": "66725"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-172"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001977"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0766"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001977"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Tom Gallagher",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-073"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2014-0766",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ics-cert@hq.dhs.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-0766",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 3.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-02242",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "0cd436b2-1edf-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "168cdc96-2352-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-68259",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "ics-cert@hq.dhs.gov",
            "id": "CVE-2014-0766",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-0766",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-0766",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2014-0766",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-02242",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201404-172",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "0cd436b2-1edf-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "168cdc96-2352-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-68259",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0cd436b2-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "168cdc96-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-073"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02242"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68259"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-172"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001977"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0766"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0766"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "An attacker can exploit this vulnerability by copying an overly long \nNodeName2 argument into a statically sized buffer on the stack to \noverflow the static stack buffer. An attacker may use this vulnerability\n to remotely execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the webvact.ocx ActiveX Control. The control does not check the length of an attacker-supplied NodeName2 string before copying it into a fixed length buffer on the stack. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess fails to properly filter user input when processing NodeName2 parameters, allowing remote attackers to exploit vulnerabilities to submit special parameters that trigger stack buffer overflows, causing applications to crash or execute arbitrary code. Failed attempts will likely cause a denial-of-service condition. \nAdvantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There is a stack-based buffer overflow vulnerability in Advantech WebAccess 7.1 and earlier versions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-0766"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001977"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-073"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02242"
      },
      {
        "db": "BID",
        "id": "66725"
      },
      {
        "db": "IVD",
        "id": "0cd436b2-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "168cdc96-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68259"
      }
    ],
    "trust": 3.51
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-0766",
        "trust": 4.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-079-03",
        "trust": 3.1
      },
      {
        "db": "BID",
        "id": "66725",
        "trust": 2.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-172",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02242",
        "trust": 1.0
      },
      {
        "db": "BID",
        "id": "66740",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001977",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2011",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-073",
        "trust": 0.7
      },
      {
        "db": "OSVDB",
        "id": "105565",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "57873",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "0CD436B2-1EDF-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "168CDC96-2352-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-62177",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-68259",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0cd436b2-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "168cdc96-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-073"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02242"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68259"
      },
      {
        "db": "BID",
        "id": "66725"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-172"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001977"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0766"
      }
    ]
  },
  "id": "VAR-201404-0541",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "0cd436b2-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "168cdc96-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02242"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68259"
      }
    ],
    "trust": 1.7511770050000002
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0cd436b2-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "168cdc96-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02242"
      }
    ]
  },
  "last_update_date": "2025-09-21T23:04:14.009000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://www.advantech.co.jp/products/GF-1M94V/Advantech-WebAccess/mod_B975C492-56B3-4EBA-8BBB-5B6D3483EE9D.aspx"
      },
      {
        "title": "Downloads ::: WebAccess Software",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/downloads.php?item=software"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03"
      },
      {
        "title": "Advantech WebAccess odeName2 parameter handles patch buffer overflow vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/44777"
      },
      {
        "title": "AdvantechWebAccessCHNNode_2014.03.03_3.3.1",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49251"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-073"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02242"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-172"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001977"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-121",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-68259"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001977"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0766"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 3.8,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-079-03"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/66725"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/bid/66740"
      },
      {
        "trust": 1.0,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "trust": 1.0,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0766"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0766"
      },
      {
        "trust": 0.6,
        "url": "http://osvdb.com/show/osvdb/105565"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/57873"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-073"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02242"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68259"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-172"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001977"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0766"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "0cd436b2-1edf-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "IVD",
        "id": "168cdc96-2352-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-073",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02242",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-68259",
        "ident": null
      },
      {
        "db": "BID",
        "id": "66725",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-172",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001977",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0766",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "0cd436b2-1edf-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "168cdc96-2352-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2014-04-10T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-073",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02242",
        "ident": null
      },
      {
        "date": "2014-04-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68259",
        "ident": null
      },
      {
        "date": "2014-04-08T00:00:00",
        "db": "BID",
        "id": "66725",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-172",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001977",
        "ident": null
      },
      {
        "date": "2014-04-12T04:37:31.533000",
        "db": "NVD",
        "id": "CVE-2014-0766",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-04-10T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-073",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02242",
        "ident": null
      },
      {
        "date": "2015-07-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68259",
        "ident": null
      },
      {
        "date": "2014-04-17T00:40:00",
        "db": "BID",
        "id": "66725",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-172",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001977",
        "ident": null
      },
      {
        "date": "2025-09-19T20:15:37",
        "db": "NVD",
        "id": "CVE-2014-0766",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-172"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess odeName2 Parameter Handling Stack Buffer Overflow Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "0cd436b2-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "168cdc96-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02242"
      }
    ],
    "trust": 1.0
  },
  "type": {
    "_id": null,
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "0cd436b2-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "168cdc96-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-172"
      }
    ],
    "trust": 1.0
  }
}

VAR-201404-0547

Vulnerability from variot - Updated: 2025-09-21 23:04

The BWOCXRUN.BwocxrunCtrl.1 control contains a method named OpenUrlToBufferTimeout. This method takes a URL as a parameter and returns its contents to the caller in JavaScript. The URLs are accessed in the security context of the current browser session. The control does not perform any URL validation and allows file:// URLs that access the local disk.

The method can be used to open a URL (including file URLs) and read its contents through JavaScript. This method could also be used to reach any arbitrary URL to which the browser has access. This vulnerability allows remote attackers to access arbitrary files on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the bwocxrun.ocx control. Advantech WebAccess HMI/SCADA is HMI/SCADA software. Advantech WebAccess is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. The patch entries in the record below state that Advantech has issued an update to correct this vulnerability.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "719091cc-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf371-463f-11e9-a294-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "16660ba2-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-138"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02266"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-177"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001982"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0772"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001982"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Anonymous",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-138"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2014-0772",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ics-cert@hq.dhs.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-0772",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 3.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-02266",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "719091cc-1edf-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "7d7bf371-463f-11e9-a294-000c29342cb1",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "16660ba2-2352-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-68265",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "ics-cert@hq.dhs.gov",
            "id": "CVE-2014-0772",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-0772",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-0772",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "ZDI",
            "id": "CVE-2014-0772",
            "trust": 0.7,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-02266",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201404-177",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "719091cc-1edf-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "7d7bf371-463f-11e9-a294-000c29342cb1",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "16660ba2-2352-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-68265",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "719091cc-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf371-463f-11e9-a294-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "16660ba2-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-138"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02266"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68265"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-177"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001982"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0772"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0772"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "The BWOCXRUN.BwocxrunCtrl.1 control contains a method named \nOpenUrlToBufferTimeout. This method takes a URL as a parameter and \nreturns its contents to the caller in JavaScript. The URLs are accessed \nin the security context of the current browser session. The control does\n not perform any URL validation and allows file:// URLs that access the \nlocal disk. \n\n\nThe method can be used to open a URL (including file URLs) and read \nthe URLs through JavaScript. This method could also be used to reach any\n arbitrary URL to which the browser has access. This vulnerability allows remote attackers to access arbitrary files on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the bwocxrun.ocx control. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess is prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. \nAdvantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-0772"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001982"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-138"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02266"
      },
      {
        "db": "BID",
        "id": "66749"
      },
      {
        "db": "IVD",
        "id": "719091cc-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf371-463f-11e9-a294-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "16660ba2-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68265"
      }
    ],
    "trust": 3.69
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-0772",
        "trust": 4.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-079-03",
        "trust": 3.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-177",
        "trust": 1.3
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02266",
        "trust": 1.2
      },
      {
        "db": "BID",
        "id": "66749",
        "trust": 1.0
      },
      {
        "db": "BID",
        "id": "66740",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001982",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2094",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-138",
        "trust": 0.7
      },
      {
        "db": "OSVDB",
        "id": "105570",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "57873",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "719091CC-1EDF-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "7D7BF371-463F-11E9-A294-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "16660BA2-2352-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-68265",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "719091cc-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf371-463f-11e9-a294-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "16660ba2-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-138"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02266"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68265"
      },
      {
        "db": "BID",
        "id": "66749"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-177"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001982"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0772"
      }
    ]
  },
  "id": "VAR-201404-0547",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "719091cc-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf371-463f-11e9-a294-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "16660ba2-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02266"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68265"
      }
    ],
    "trust": 1.73470696
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "719091cc-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf371-463f-11e9-a294-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "16660ba2-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02266"
      }
    ]
  },
  "last_update_date": "2025-09-21T23:04:13.955000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Downloads ::: WebAccess Software",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/downloads.php?item=software"
      },
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://www.advantech.co.jp/products/GF-1M94V/Advantech-WebAccess/mod_B975C492-56B3-4EBA-8BBB-5B6D3483EE9D.aspx"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03"
      },
      {
        "title": "Advantech WebAccess bwocxrun.ocx OpenUrlToBufferTimeout method patch for arbitrary file access vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/44790"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-138"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02266"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001982"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-538",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-68265"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001982"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0772"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 3.8,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-079-03"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/bid/66740"
      },
      {
        "trust": 1.0,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "trust": 1.0,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0772"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0772"
      },
      {
        "trust": 0.6,
        "url": "http://osvdb.com/show/osvdb/105570"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/57873"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-138"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02266"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68265"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-177"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001982"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0772"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "719091cc-1edf-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "IVD",
        "id": "7d7bf371-463f-11e9-a294-000c29342cb1",
        "ident": null
      },
      {
        "db": "IVD",
        "id": "16660ba2-2352-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-138",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02266",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-68265",
        "ident": null
      },
      {
        "db": "BID",
        "id": "66749",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-177",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001982",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0772",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "719091cc-1edf-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "7d7bf371-463f-11e9-a294-000c29342cb1",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "16660ba2-2352-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2014-05-19T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-138",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02266",
        "ident": null
      },
      {
        "date": "2014-04-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68265",
        "ident": null
      },
      {
        "date": "2014-04-08T00:00:00",
        "db": "BID",
        "id": "66749",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-177",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001982",
        "ident": null
      },
      {
        "date": "2014-04-12T04:37:31.673000",
        "db": "NVD",
        "id": "CVE-2014-0772",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-05-19T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-138",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02266",
        "ident": null
      },
      {
        "date": "2014-04-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68265",
        "ident": null
      },
      {
        "date": "2014-05-22T17:54:00",
        "db": "BID",
        "id": "66749",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-177",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001982",
        "ident": null
      },
      {
        "date": "2025-09-19T20:15:37.850000",
        "db": "NVD",
        "id": "CVE-2014-0772",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-177"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess bwocxrun.ocx OpenUrlToBufferTimeout Method Arbitrary File Access Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "719091cc-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf371-463f-11e9-a294-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "16660ba2-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02266"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "_id": null,
    "data": "Information leakage",
    "sources": [
      {
        "db": "IVD",
        "id": "719091cc-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf371-463f-11e9-a294-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "16660ba2-2352-11e6-abef-000c29c66e3d"
      }
    ],
    "trust": 0.6
  }
}

VAR-201404-0540

Vulnerability from variot - Updated: 2025-09-21 23:04

To exploit this vulnerability, the attacker passes data to the control through the GotoCmd argument. If the value of the argument is overly long, the static stack buffer can be overflowed. This will allow the attacker to execute arbitrary code remotely. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the webvact.ocx ActiveX Control. The control does not check the length of an attacker-supplied GotoCmd string before copying it into a fixed-length buffer on the stack. Advantech WebAccess HMI/SCADA is HMI/SCADA software. Advantech WebAccess fails to properly filter user input when processing GotoCmd parameters, allowing remote attackers to submit crafted parameters that trigger a stack buffer overflow, causing the application to crash or execute arbitrary code. Advantech WebAccess is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed attempts will likely cause a denial-of-service condition. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There is a stack-based buffer overflow vulnerability in Advantech WebAccess 7.1 and earlier versions.


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201404-0540",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "5.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "7.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "6.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "model": "webaccess",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "6.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "*"
      },
      {
        "model": "broadwin webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "7.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6e57a0f4-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7dc830-463f-11e9-b94d-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "1685972e-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-072"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02270"
      },
      {
        "db": "BID",
        "id": "66722"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-171"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001976"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0765"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001976"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Tom Gallagher",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-072"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2014-0765",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ics-cert@hq.dhs.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-0765",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 3.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-02270",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "6e57a0f4-1edf-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "7d7dc830-463f-11e9-b94d-000c29342cb1",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "1685972e-2352-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-68258",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "ics-cert@hq.dhs.gov",
            "id": "CVE-2014-0765",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-0765",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-0765",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2014-0765",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-02270",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201404-171",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "6e57a0f4-1edf-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "7d7dc830-463f-11e9-b94d-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "1685972e-2352-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-68258",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6e57a0f4-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7dc830-463f-11e9-b94d-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "1685972e-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-072"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02270"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68258"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-171"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001976"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0765"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0765"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "To exploit this vulnerability, the attacker sends data in the GotoCmd \nargument to the control. If the value of the argument is overly long, the \nstatic stack buffer can be overflowed. This will allow the attacker to \nexecute arbitrary code remotely. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the webvact.ocx ActiveX Control. The control does not check the length of an attacker-supplied GotoCmd string before copying it into a fixed length buffer on the stack. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess fails to properly filter user input when processing GotoCmd parameters, allowing remote attackers to submit specially crafted parameters that trigger a stack buffer overflow, causing the application to crash or allowing arbitrary code execution. Advantech WebAccess is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed attempts will likely cause a denial-of-service condition. \nAdvantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There is a stack-based buffer overflow vulnerability in Advantech WebAccess 7.1 and earlier versions.",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-0765"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001976"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-072"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02270"
      },
      {
        "db": "BID",
        "id": "66722"
      },
      {
        "db": "IVD",
        "id": "6e57a0f4-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7dc830-463f-11e9-b94d-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "1685972e-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68258"
      }
    ],
    "trust": 3.69
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-0765",
        "trust": 4.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-079-03",
        "trust": 3.1
      },
      {
        "db": "BID",
        "id": "66722",
        "trust": 2.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-171",
        "trust": 1.3
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02270",
        "trust": 1.2
      },
      {
        "db": "BID",
        "id": "66740",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001976",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2010",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-072",
        "trust": 0.7
      },
      {
        "db": "OSVDB",
        "id": "105564",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "57873",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "6E57A0F4-1EDF-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "7D7DC830-463F-11E9-B94D-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "1685972E-2352-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-68258",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6e57a0f4-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7dc830-463f-11e9-b94d-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "1685972e-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-072"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02270"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68258"
      },
      {
        "db": "BID",
        "id": "66722"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-171"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001976"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0765"
      }
    ]
  },
  "id": "VAR-201404-0540",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "6e57a0f4-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7dc830-463f-11e9-b94d-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "1685972e-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02270"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68258"
      }
    ],
    "trust": 1.951177005
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6e57a0f4-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7dc830-463f-11e9-b94d-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "1685972e-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02270"
      }
    ]
  },
  "last_update_date": "2025-09-21T23:04:13.900000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://www.advantech.co.jp/products/GF-1M94V/Advantech-WebAccess/mod_B975C492-56B3-4EBA-8BBB-5B6D3483EE9D.aspx"
      },
      {
        "title": "Downloads ::: WebAccess Software",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/downloads.php?item=software"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03"
      },
      {
        "title": "Advantech WebAccess GotoCmd parameter handles patch buffer overflow vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/44792"
      },
      {
        "title": "AdvantechWebAccessCHNNode_2014.03.03_3.3.1",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49251"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-072"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02270"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-171"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001976"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-121",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-68258"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001976"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0765"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.8,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-079-03"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/66722"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/bid/66740"
      },
      {
        "trust": 1.0,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "trust": 1.0,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0765"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0765"
      },
      {
        "trust": 0.6,
        "url": "http://osvdb.com/show/osvdb/105564"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/57873"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-072"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02270"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68258"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-171"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001976"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0765"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "6e57a0f4-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7dc830-463f-11e9-b94d-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "1685972e-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-072"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02270"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68258"
      },
      {
        "db": "BID",
        "id": "66722"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-171"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001976"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0765"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "6e57a0f4-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "7d7dc830-463f-11e9-b94d-000c29342cb1"
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "1685972e-2352-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2014-04-10T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-072"
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02270"
      },
      {
        "date": "2014-04-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68258"
      },
      {
        "date": "2014-04-08T00:00:00",
        "db": "BID",
        "id": "66722"
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-171"
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001976"
      },
      {
        "date": "2014-04-12T04:37:31.503000",
        "db": "NVD",
        "id": "CVE-2014-0765"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-04-10T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-072"
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02270"
      },
      {
        "date": "2015-07-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68258"
      },
      {
        "date": "2014-04-17T00:40:00",
        "db": "BID",
        "id": "66722"
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-171"
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001976"
      },
      {
        "date": "2025-09-19T20:15:36.003000",
        "db": "NVD",
        "id": "CVE-2014-0765"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-171"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Advantech WebAccess GotoCmd Parameter Handling Stack Buffer Overflow Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "6e57a0f4-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7dc830-463f-11e9-b94d-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "1685972e-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02270"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "6e57a0f4-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7dc830-463f-11e9-b94d-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "1685972e-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-171"
      }
    ],
    "trust": 1.2
  }
}

VAR-201404-0542

Vulnerability from variot - Updated: 2025-09-21 23:04

An attacker may exploit this vulnerability by passing an overly long value in the AccessCode argument to the control. This will overflow the static stack buffer. The attacker may then execute code on the target device remotely. Advantech WebAccess contains a stack-based buffer overflow vulnerability. A third party may execute arbitrary code via an overly long AccessCode argument. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the webvact.ocx ActiveX Control. The control does not check the length of an attacker-supplied AccessCode string before copying it into a fixed length buffer on the stack. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess fails to properly filter user input when processing AccessCode parameters, allowing remote attackers to submit specially crafted parameters that trigger a stack buffer overflow, causing the application to crash or allowing arbitrary code execution. Advantech WebAccess is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed attempts will likely cause a denial-of-service condition. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "*"
      },
      {
        "_id": null,
        "model": "broadwin webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "7.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "31a3efa0-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1681e714-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-074"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02244"
      },
      {
        "db": "BID",
        "id": "66728"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-173"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001978"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0767"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001978"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Tom Gallagher",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-074"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2014-0767",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ics-cert@hq.dhs.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-0767",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 3.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-02244",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "31a3efa0-1edf-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "1681e714-2352-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-68260",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "ics-cert@hq.dhs.gov",
            "id": "CVE-2014-0767",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-0767",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-0767",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2014-0767",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-02244",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201404-173",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "31a3efa0-1edf-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "1681e714-2352-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-68260",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "31a3efa0-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1681e714-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-074"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02244"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68260"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-173"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001978"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0767"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0767"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "An attacker may exploit this vulnerability by passing an overly long \nvalue from the AccessCode argument to the control. This will overflow \nthe static stack buffer. The attacker may then execute code on the \ntarget device remotely. Advantech WebAccess contains a stack-based buffer overflow vulnerability. A third party may execute arbitrary code via an overly long AccessCode argument. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the webvact.ocx ActiveX Control. The control does not check the length of an attacker-supplied AccessCode string before copying it into a fixed-length buffer on the stack. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess fails to properly filter user input when processing AccessCode parameters, allowing remote attackers to submit specially crafted parameters that trigger stack buffer overflows, causing the application to crash or execute arbitrary code. Advantech WebAccess is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed attempts will likely cause a denial-of-service condition. \nAdvantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-0767"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001978"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-074"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02244"
      },
      {
        "db": "BID",
        "id": "66728"
      },
      {
        "db": "IVD",
        "id": "31a3efa0-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1681e714-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68260"
      }
    ],
    "trust": 3.51
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-0767",
        "trust": 4.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-079-03",
        "trust": 3.1
      },
      {
        "db": "BID",
        "id": "66728",
        "trust": 2.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-173",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02244",
        "trust": 1.0
      },
      {
        "db": "BID",
        "id": "66740",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001978",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2012",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-074",
        "trust": 0.7
      },
      {
        "db": "OSVDB",
        "id": "105566",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "57873",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "31A3EFA0-1EDF-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "1681E714-2352-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-68260",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "31a3efa0-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1681e714-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-074"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02244"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68260"
      },
      {
        "db": "BID",
        "id": "66728"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-173"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001978"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0767"
      }
    ]
  },
  "id": "VAR-201404-0542",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "31a3efa0-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1681e714-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02244"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68260"
      }
    ],
    "trust": 1.7511770050000002
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "31a3efa0-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1681e714-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02244"
      }
    ]
  },
  "last_update_date": "2025-09-21T23:04:13.842000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://www.advantech.co.jp/products/GF-1M94V/Advantech-WebAccess/mod_B975C492-56B3-4EBA-8BBB-5B6D3483EE9D.aspx"
      },
      {
        "title": "Downloads ::: WebAccess Software",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/downloads.php?item=software"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03"
      },
      {
        "title": "Advantech WebAccess AccessCode parameter handling stack buffer overflow vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/44782"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-074"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02244"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001978"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-121",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-68260"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001978"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0767"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 3.8,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-079-03"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/66728"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/bid/66740"
      },
      {
        "trust": 1.0,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "trust": 1.0,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0767"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0767"
      },
      {
        "trust": 0.6,
        "url": "http://osvdb.com/show/osvdb/105566"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/57873"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-074"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02244"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68260"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-173"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001978"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0767"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "31a3efa0-1edf-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "IVD",
        "id": "1681e714-2352-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-074",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02244",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-68260",
        "ident": null
      },
      {
        "db": "BID",
        "id": "66728",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-173",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001978",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0767",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "31a3efa0-1edf-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "1681e714-2352-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2014-04-10T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-074",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02244",
        "ident": null
      },
      {
        "date": "2014-04-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68260",
        "ident": null
      },
      {
        "date": "2014-04-08T00:00:00",
        "db": "BID",
        "id": "66728",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-173",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001978",
        "ident": null
      },
      {
        "date": "2014-04-12T04:37:31.567000",
        "db": "NVD",
        "id": "CVE-2014-0767",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-04-10T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-074",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02244",
        "ident": null
      },
      {
        "date": "2015-07-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68260",
        "ident": null
      },
      {
        "date": "2014-04-17T00:40:00",
        "db": "BID",
        "id": "66728",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-173",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001978",
        "ident": null
      },
      {
        "date": "2025-09-19T20:15:37.177000",
        "db": "NVD",
        "id": "CVE-2014-0767",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-173"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess AccessCode Parameter Handling Stack Buffer Overflow Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "31a3efa0-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1681e714-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02244"
      }
    ],
    "trust": 1.0
  },
  "type": {
    "_id": null,
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "31a3efa0-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1681e714-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-173"
      }
    ],
    "trust": 1.0
  }
}

VAR-201404-0545

Vulnerability from variot - Updated: 2025-09-21 23:04

By providing an overly long string to the UserName parameter, an attacker may be able to overflow the static stack buffer. The attacker may then execute code on the target device remotely. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the webvact.ocx ActiveX Control. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess fails to properly filter user input when processing NodeName parameters, allowing remote attackers to submit specially crafted parameters that trigger stack buffer overflows, causing the application to crash or execute arbitrary code. Advantech WebAccess is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed attempts will likely cause a denial-of-service condition. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There is a stack-based buffer overflow vulnerability in Advantech WebAccess 7.1 and earlier versions. (Note: the aggregated source texts above name two different parameters, UserName and NodeName; confirm the affected parameter against the primary advisory for CVE-2014-0770 before relying on this summary.)


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201404-0545",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "5.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "7.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "6.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "model": "webaccess",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "6.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech webaccess",
        "version": "*"
      },
      {
        "model": "broadwin webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "model": "broadwin webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "7.0"
      },
      {
        "model": "broadwin webaccess",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "7.2"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "2da7cf70-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf372-463f-11e9-9061-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "1673fa5a-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-075"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02260"
      },
      {
        "db": "BID",
        "id": "66733"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-175"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001980"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0770"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001980"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Tom Gallagher",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-075"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2014-0770",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ics-cert@hq.dhs.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-0770",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 3.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-02260",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "2da7cf70-1edf-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "7d7bf372-463f-11e9-9061-000c29342cb1",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "1673fa5a-2352-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-68263",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "ics-cert@hq.dhs.gov",
            "id": "CVE-2014-0770",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-0770",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-0770",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2014-0770",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-02260",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201404-175",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "2da7cf70-1edf-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "7d7bf372-463f-11e9-9061-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "1673fa5a-2352-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-68263",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "2da7cf70-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf372-463f-11e9-9061-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "1673fa5a-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-075"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02260"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68263"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-175"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001980"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0770"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0770"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "By providing an overly long string to the UserName parameter, an \nattacker may be able to overflow the static stack buffer. The attacker \nmay then execute code on the target device remotely. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the webvact.ocx ActiveX Control. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess fails to properly filter user input when processing NodeName parameters, allowing remote attackers to submit specially crafted parameters that trigger stack buffer overflows, causing the application to crash or execute arbitrary code. Advantech WebAccess is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed attempts will likely cause a denial-of-service condition. \nAdvantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There is a stack-based buffer overflow vulnerability in Advantech WebAccess 7.1 and earlier versions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-0770"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001980"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-075"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02260"
      },
      {
        "db": "BID",
        "id": "66733"
      },
      {
        "db": "IVD",
        "id": "2da7cf70-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf372-463f-11e9-9061-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "1673fa5a-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68263"
      }
    ],
    "trust": 3.69
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-0770",
        "trust": 4.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-079-03",
        "trust": 3.4
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-175",
        "trust": 1.3
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02260",
        "trust": 1.2
      },
      {
        "db": "BID",
        "id": "66733",
        "trust": 1.0
      },
      {
        "db": "BID",
        "id": "66740",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001980",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2014",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-075",
        "trust": 0.7
      },
      {
        "db": "OSVDB",
        "id": "105568",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "57873",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "2DA7CF70-1EDF-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "7D7BF372-463F-11E9-9061-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "1673FA5A-2352-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-68263",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "2da7cf70-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf372-463f-11e9-9061-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "1673fa5a-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-075"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02260"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68263"
      },
      {
        "db": "BID",
        "id": "66733"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-175"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001980"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0770"
      }
    ]
  },
  "id": "VAR-201404-0545",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "2da7cf70-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf372-463f-11e9-9061-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "1673fa5a-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02260"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68263"
      }
    ],
    "trust": 1.951177005
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "2da7cf70-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf372-463f-11e9-9061-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "1673fa5a-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02260"
      }
    ]
  },
  "last_update_date": "2025-09-21T23:04:13.788000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Downloads ::: WebAccess Software",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/downloads.php?item=software"
      },
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://www.advantech.co.jp/products/GF-1M94V/Advantech-WebAccess/mod_B975C492-56B3-4EBA-8BBB-5B6D3483EE9D.aspx"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03"
      },
      {
        "title": "Patch for Advantech WebAccess NodeName parameter handling stack buffer overflow vulnerability (CNVD-2014-02260)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/44785"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-075"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02260"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001980"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-121",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-68263"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001980"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0770"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.8,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-079-03"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/bid/66740"
      },
      {
        "trust": 1.0,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "trust": 1.0,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0770"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0770"
      },
      {
        "trust": 0.6,
        "url": "http://osvdb.com/show/osvdb/105568"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/57873"
      },
      {
        "trust": 0.3,
        "url": "http://webaccess.advantech.com"
      },
      {
        "trust": 0.3,
        "url": "http://advantech.vo.llnwd.net/o35/www/webaccess/webaccess_v7.2_beta_version/webaccessversion7.2.htm"
      },
      {
        "trust": 0.3,
        "url": "ics-cert.us-cert.gov/advisories/icsa-14-079-03"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-075"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02260"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68263"
      },
      {
        "db": "BID",
        "id": "66733"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-175"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001980"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0770"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "2da7cf70-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf372-463f-11e9-9061-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "1673fa5a-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-075"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02260"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68263"
      },
      {
        "db": "BID",
        "id": "66733"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-175"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001980"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0770"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "2da7cf70-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "7d7bf372-463f-11e9-9061-000c29342cb1"
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "1673fa5a-2352-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2014-04-10T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-075"
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02260"
      },
      {
        "date": "2014-04-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68263"
      },
      {
        "date": "2014-04-08T00:00:00",
        "db": "BID",
        "id": "66733"
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-175"
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001980"
      },
      {
        "date": "2014-04-12T04:37:31.627000",
        "db": "NVD",
        "id": "CVE-2014-0770"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-04-10T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-075"
      },
      {
        "date": "2014-04-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02260"
      },
      {
        "date": "2014-04-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68263"
      },
      {
        "date": "2014-04-08T00:00:00",
        "db": "BID",
        "id": "66733"
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-175"
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001980"
      },
      {
        "date": "2025-09-19T20:15:37.500000",
        "db": "NVD",
        "id": "CVE-2014-0770"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-175"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Advantech WebAccess Vulnerable to stack-based buffer overflow",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001980"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "2da7cf70-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7bf372-463f-11e9-9061-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "1673fa5a-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-175"
      }
    ],
    "trust": 1.2
  }
}

VAR-201404-0538

Vulnerability from variot - Updated: 2025-09-20 23:16

An attacker using SQL injection may use arguments to construct queries without proper sanitization. The DBVisitor.dll is exposed through SOAP interfaces, and the exposed functions are vulnerable to SOAP injection. This may allow unexpected SQL action and access to records in the table of the software database or execution of arbitrary code. DBVisitor.dll in Advantech WebAccess contains an SQL injection vulnerability. A third party may be able to execute arbitrary SQL commands via a SOAP request to unspecified functions. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DBVisitor.dll component. These flaws allow an attacker to execute arbitrary SQL statements in the context of the web service and to exfiltrate data (including the account names and password hashes) from the vulnerable product. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. There is a SQL injection vulnerability in Advantech WebAccess. Because the SOAP interface exposes DBVisitor.dll, an attacker can submit a specially crafted SOAP request to inject or manipulate a SQL query and obtain sensitive information or manipulate the database. Advantech WebAccess is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, to access or modify data, or to exploit vulnerabilities in the underlying database. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "advantech webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0ad07d9e-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1654b8d4-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-077"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02243"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-169"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001974"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0763"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001974"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Andrea Micalizzi aka rgod",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-077"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2014-0763",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ics-cert@hq.dhs.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-0763",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 3.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-02243",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "0ad07d9e-1edf-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "1654b8d4-2352-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-68256",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "ics-cert@hq.dhs.gov",
            "id": "CVE-2014-0763",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-0763",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-0763",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2014-0763",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-02243",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201404-169",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "0ad07d9e-1edf-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "1654b8d4-2352-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-68256",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0ad07d9e-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1654b8d4-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-077"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02243"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68256"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-169"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001974"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0763"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0763"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "An attacker using SQL injection may use arguments to construct queries \nwithout proper sanitization. The DBVisitor.dll is exposed through SOAP \ninterfaces, and the exposed functions are vulnerable to SOAP injection. \nThis may allow unexpected SQL action and access to records in the table \nof the software database or execution of arbitrary code. DBVisitor.dll in Advantech WebAccess contains an SQL injection vulnerability. A third party may be able to execute arbitrary SQL commands via a SOAP request to unspecified functions. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DBVisitor.dll component. These flaws allow an attacker to execute arbitrary SQL statements in the context of the web service and to exfiltrate data (including the account names and password hashes) from the vulnerable product. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. There is a SQL injection vulnerability in Advantech WebAccess. Because the SOAP interface exposes DBVisitor.dll, an attacker can submit a specially crafted SOAP request to inject or manipulate a SQL query and obtain sensitive information or manipulate the database. Advantech WebAccess is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. \nA successful exploit could allow an attacker to compromise the application, to access or modify data, or to exploit vulnerabilities in the underlying database. \nAdvantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment.",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-0763"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001974"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-077"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02243"
      },
      {
        "db": "BID",
        "id": "66740"
      },
      {
        "db": "IVD",
        "id": "0ad07d9e-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1654b8d4-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68256"
      }
    ],
    "trust": 3.51
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-0763",
        "trust": 4.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-079-03",
        "trust": 3.1
      },
      {
        "db": "BID",
        "id": "66740",
        "trust": 2.0
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02243",
        "trust": 1.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-169",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001974",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-1938",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-077",
        "trust": 0.7
      },
      {
        "db": "OSVDB",
        "id": "105572",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "57873",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "0AD07D9E-1EDF-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "1654B8D4-2352-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-68256",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0ad07d9e-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1654b8d4-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-077"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02243"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68256"
      },
      {
        "db": "BID",
        "id": "66740"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-169"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001974"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0763"
      }
    ]
  },
  "id": "VAR-201404-0538",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "0ad07d9e-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1654b8d4-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02243"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68256"
      }
    ],
    "trust": 1.53470696
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0ad07d9e-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1654b8d4-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02243"
      }
    ]
  },
  "last_update_date": "2025-09-20T23:16:55.175000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Downloads ::: WebAccess Software",
        "trust": 0.8,
        "url": "http://webaccess.advantech.com/downloads.php?item=software"
      },
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://www.advantech.co.jp/products/GF-1M94V/Advantech-WebAccess/mod_B975C492-56B3-4EBA-8BBB-5B6D3483EE9D.aspx"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03"
      },
      {
        "title": "Advantech WebAccess DBVisitor.dll special SOAP request SQL injection vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/44778"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-077"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02243"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001974"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-89",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-68256"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001974"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0763"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 3.8,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-079-03"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/66740"
      },
      {
        "trust": 1.0,
        "url": "http://webaccess.advantech.com/"
      },
      {
        "trust": 1.0,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0763"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0763"
      },
      {
        "trust": 0.6,
        "url": "http://osvdb.com/show/osvdb/105572"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/57873"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-14-077"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02243"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68256"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-169"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001974"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0763"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "0ad07d9e-1edf-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "IVD",
        "id": "1654b8d4-2352-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-14-077",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-02243",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-68256",
        "ident": null
      },
      {
        "db": "BID",
        "id": "66740",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-169",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001974",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0763",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "0ad07d9e-1edf-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "IVD",
        "id": "1654b8d4-2352-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2014-04-10T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-077",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02243",
        "ident": null
      },
      {
        "date": "2014-04-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68256",
        "ident": null
      },
      {
        "date": "2014-04-08T00:00:00",
        "db": "BID",
        "id": "66740",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-169",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001974",
        "ident": null
      },
      {
        "date": "2014-04-12T04:37:31.440000",
        "db": "NVD",
        "id": "CVE-2014-0763",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2014-04-10T00:00:00",
        "db": "ZDI",
        "id": "ZDI-14-077",
        "ident": null
      },
      {
        "date": "2014-04-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-02243",
        "ident": null
      },
      {
        "date": "2015-07-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68256",
        "ident": null
      },
      {
        "date": "2014-04-17T00:40:00",
        "db": "BID",
        "id": "66740",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-169",
        "ident": null
      },
      {
        "date": "2014-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001974",
        "ident": null
      },
      {
        "date": "2025-09-19T19:15:37.537000",
        "db": "NVD",
        "id": "CVE-2014-0763",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-169"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess of  DBVisitor.dll In  SQL Injection vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001974"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "SQL injection",
    "sources": [
      {
        "db": "IVD",
        "id": "0ad07d9e-1edf-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "1654b8d4-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-169"
      }
    ],
    "trust": 1.0
  }
}

VAR-202505-1496

Vulnerability from variot - Updated: 2025-05-13 23:26

Advantech WebAccess is HMI/SCADA monitoring software based entirely on the IE browser.

Advantech WebAccess of Advantech Technology (China) Co., Ltd. has a file upload vulnerability, which can be exploited by attackers to gain control of the server.


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202505-1496",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "webaccess",
        "scope": null,
        "trust": 0.6,
        "vendor": "advantech",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-09376"
      }
    ]
  },
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2025-09376",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "CNVD",
            "id": "CNVD-2025-09376",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-09376"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Advantech WebAccess is an HMI/SCADA monitoring software completely based on IE browser.\n\nAdvantech WebAccess of Advantech Technology (China) Co., Ltd. has a file upload vulnerability, which can be exploited by attackers to gain control of the server.",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-09376"
      }
    ],
    "trust": 0.6
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-09376",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-09376"
      }
    ]
  },
  "id": "VAR-202505-1496",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-09376"
      }
    ],
    "trust": 1.0347069599999998
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-09376"
      }
    ]
  },
  "last_update_date": "2025-05-13T23:26:43.037000Z",
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-09376"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2025-05-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2025-09376"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2025-05-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2025-09376"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Advantech WebAccess has a file upload vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-09376"
      }
    ],
    "trust": 0.6
  }
}

VAR-201705-3745

Vulnerability from variot - Updated: 2025-04-20 23:31

An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior. An absolute path traversal vulnerability has been identified, which may allow an attacker to traverse the file system to access restricted files or directories. Advantech WebAccess contains a path traversal vulnerability. Information may be obtained and service operation may be interrupted (DoS). This vulnerability allows remote attackers to cause a denial of service condition on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability. The specific flaw exists within odbcPg4.asp. An attacker can leverage this vulnerability to overwrite key web files, which will disable functionality on the target machine. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A directory traversal vulnerability exists in Advantech WebAccess due to the application's failure to adequately filter user-supplied input. A remote attacker can exploit the vulnerability to retrieve sensitive information and execute arbitrary code through a specially crafted request containing a directory traversal sequence ('../'). This may aid in further attacks. Advantech WebAccess version 8.1 and prior are vulnerable.


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201705-3745",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.1"
      },
      {
        "model": "webaccess 8.0 20150816",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "model": "webaccess 8.2 20170330",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-322"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06980"
      },
      {
        "db": "BID",
        "id": "98311"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003931"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-931"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7929"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003931"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Zhou Yu",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-17-322"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2017-7929",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2017-7929",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.0,
            "id": "CVE-2017-7929",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "MEDIUM",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CNVD-2017-06980",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "VHN-116132",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 2.8,
            "id": "CVE-2017-7929",
            "impactScore": 4.2,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-7929",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-7929",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2017-7929",
            "trust": 0.7,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-06980",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201704-931",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-116132",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-322"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06980"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116132"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003931"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-931"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7929"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior. The absolute path traversal vulnerability has been identified, which may allow an attacker to traverse the file system to access restricted files or directories. Advantech WebAccess Contains a path traversal vulnerability.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers  to cause a denial of service condition on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability.The specific flaw exists within odbcPg4.asp.  An attacker can leverage this vulnerability to overwrite key web files which will disable functionality on the target machine. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A directory traversal vulnerability exists in Advantech WebAccess due to the application\u0027s failure to adequately filter user-supplied input. A remote attacker exploited the vulnerability to retrieve sensitive information and execute arbitrary code through a specially crafted request with a directory traversal sequence (\u0027../\u0027). This may aid in further attacks. \nAdvantech WebAccess version 8.1 and prior are vulnerable",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-7929"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003931"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-322"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06980"
      },
      {
        "db": "BID",
        "id": "98311"
      },
      {
        "db": "IVD",
        "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116132"
      }
    ],
    "trust": 3.33
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-7929",
        "trust": 4.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-124-03",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "98311",
        "trust": 2.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-931",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06980",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003931",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-4013",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-322",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "72B8F504-9FAF-4E5E-9287-87F7CB248C3E",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-116132",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-322"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06980"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116132"
      },
      {
        "db": "BID",
        "id": "98311"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003931"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-931"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7929"
      }
    ]
  },
  "id": "VAR-201705-3745",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06980"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116132"
      }
    ],
    "trust": 1.438782045
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06980"
      }
    ]
  },
  "last_update_date": "2025-04-20T23:31:00.500000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://www.advantech.com/industrial-automation/webaccess"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-124-03"
      },
      {
        "title": "Patch for Advantech WebAccess Directory Traversal Vulnerability (CNVD-2017-06980)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/93984"
      },
      {
        "title": "Advantech WebAccess Repair measures for path traversal vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99746"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-17-322"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06980"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003931"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-931"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-36",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-116132"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003931"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7929"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.5,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-124-03"
      },
      {
        "trust": 2.3,
        "url": "http://www.securityfocus.com/bid/98311"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7929"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7929"
      },
      {
        "trust": 0.3,
        "url": "http://www.advantech.in/"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-17-322"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06980"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116132"
      },
      {
        "db": "BID",
        "id": "98311"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003931"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-931"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7929"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-322"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06980"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116132"
      },
      {
        "db": "BID",
        "id": "98311"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003931"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-931"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7929"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-05-19T00:00:00",
        "db": "IVD",
        "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
      },
      {
        "date": "2017-05-04T00:00:00",
        "db": "ZDI",
        "id": "ZDI-17-322"
      },
      {
        "date": "2017-05-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-06980"
      },
      {
        "date": "2017-05-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-116132"
      },
      {
        "date": "2017-05-04T00:00:00",
        "db": "BID",
        "id": "98311"
      },
      {
        "date": "2017-06-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-003931"
      },
      {
        "date": "2017-04-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201704-931"
      },
      {
        "date": "2017-05-06T00:29:00.490000",
        "db": "NVD",
        "id": "CVE-2017-7929"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-05-04T00:00:00",
        "db": "ZDI",
        "id": "ZDI-17-322"
      },
      {
        "date": "2017-05-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-06980"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-116132"
      },
      {
        "date": "2017-05-23T16:23:00",
        "db": "BID",
        "id": "98311"
      },
      {
        "date": "2017-06-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-003931"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201704-931"
      },
      {
        "date": "2025-04-20T01:37:25.860000",
        "db": "NVD",
        "id": "CVE-2017-7929"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-931"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Advantech WebAccess Path traversal vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003931"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-931"
      }
    ],
    "trust": 1.4
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Path traversal",
    "sources": [
      {
        "db": "IVD",
        "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-931"
      }
    ],
    "trust": 0.8
  }
}

VAR-201705-2332

Vulnerability from variot - Updated: 2025-04-20 23:16

upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote authenticated administrators to obtain sensitive password information via unspecified vectors. Authentication is required to exploit this vulnerability. The specific flaw exists within upAdminPg.asp. One project administrator can view other project administrators' passwords along with the system administrator's password. An attacker can leverage this vulnerability to escalate privileges within the system. Advantech WebAccess (formerly known as BroadWin WebAccess) is a suite of browser-based HMI/SCADA software from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. ActiveX is one of the components used to transmit dynamic images in surveillance. The ActiveX component in Advantech WebAccess versions prior to 8.1_20160519 has a security vulnerability. An attacker could exploit the vulnerability to insert or run arbitrary code on an affected system. Note that this summary concatenates text from several source databases: the closing ActiveX/arbitrary-code sentences do not match the CWE-200 information-disclosure classification or the confidentiality-only CVSS vectors in the record below, so verify the impact against the NVD and ZDI entries when triaging.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "8.1_20160519"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess \u003c8.1 20160519",
        "scope": null,
        "trust": 0.6,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-429"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10506"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008542"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-867"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5810"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008542"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Zhou Yu",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-16-429"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2016-5810",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2016-5810",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "ZDI",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "CVE-2016-5810",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "MEDIUM",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2016-10506",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "VHN-94629",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.2,
            "id": "CVE-2016-5810",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2016-5810",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2016-5810",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "ZDI",
            "id": "CVE-2016-5810",
            "trust": 0.7,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2016-10506",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201610-867",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-94629",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-429"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10506"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94629"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008542"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-867"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5810"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote authenticated administrators to obtain sensitive password information via unspecified vectors. Authentication is required to exploit this vulnerability.The specific flaw exists within upAdminPg.asp. One project administrator can view other project administrators\u0027 passwords along with the system administrator\u0027s password. An attacker can leverage this vulnerability to escalate privileges within the system. Advantech WebAccess (formerly known as BroadWin WebAccess) is a suite of browser-based HMI/SCADA software from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. ActiveX is one of the components used to transmit dynamic images in surveillance. A version of ActiveX prior to Advantech WebAccess 8.1_20160519 has a security vulnerability. An attacker could exploit the vulnerability to insert or run arbitrary code on an affected system",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-5810"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008542"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-429"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10506"
      },
      {
        "db": "IVD",
        "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94629"
      }
    ],
    "trust": 3.06
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-5810",
        "trust": 4.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-16-173-01",
        "trust": 3.1
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-429",
        "trust": 2.4
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-867",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10506",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008542",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-3746",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "29796EEF-56CD-4EE0-AEFC-005C9EC1B53A",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-94629",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-429"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10506"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94629"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008542"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-867"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5810"
      }
    ]
  },
  "id": "VAR-201705-2332",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10506"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94629"
      }
    ],
    "trust": 1.474496345
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10506"
      }
    ]
  },
  "last_update_date": "2025-04-20T23:16:10.045000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://www.advantech.com/industrial-automation/webaccess"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-173-01"
      },
      {
        "title": "Advantech WebAccess ActiveX vulnerable patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/83391"
      },
      {
        "title": "Advantech WebAccess ActiveX Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65188"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-16-429"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10506"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008542"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-867"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-94629"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008542"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5810"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 3.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-173-01"
      },
      {
        "trust": 1.7,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-16-429"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5810"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5810"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-16-429"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10506"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94629"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008542"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-867"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5810"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-16-429",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10506",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-94629",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008542",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-867",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5810",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2016-11-02T00:00:00",
        "db": "IVD",
        "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a",
        "ident": null
      },
      {
        "date": "2016-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-429",
        "ident": null
      },
      {
        "date": "2016-11-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-10506",
        "ident": null
      },
      {
        "date": "2017-05-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-94629",
        "ident": null
      },
      {
        "date": "2017-06-02T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-008542",
        "ident": null
      },
      {
        "date": "2016-10-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201610-867",
        "ident": null
      },
      {
        "date": "2017-05-02T14:59:00.487000",
        "db": "NVD",
        "id": "CVE-2016-5810",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2016-07-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-16-429",
        "ident": null
      },
      {
        "date": "2016-11-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-10506",
        "ident": null
      },
      {
        "date": "2017-05-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-94629",
        "ident": null
      },
      {
        "date": "2017-06-02T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-008542",
        "ident": null
      },
      {
        "date": "2017-05-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201610-867",
        "ident": null
      },
      {
        "date": "2025-04-20T01:37:25.860000",
        "db": "NVD",
        "id": "CVE-2016-5810",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-867"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess of  upAdminPg.asp Vulnerable to obtaining important password information",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008542"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-867"
      }
    ],
    "trust": 0.6
  }
}

VAR-201711-0754

Vulnerability from variot - Updated: 2025-04-20 23:15

An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A remote attacker is able to execute code to dereference a pointer within the program causing the application to become unavailable. Advantech WebAccess contains a vulnerability related to NULL pointer dereference. A denial-of-service (DoS) condition may result. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2723 IOCTL in the webvrpcs process. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will result in a denial-of-service condition. Versions prior to Advantech WebAccess 8.2_20170817 are vulnerable. The aggregated sources disagree on impact: the NVD CVSS vectors in the record below score availability only, while the ZDI and CNVD vectors also score confidentiality and integrity, so patch prioritisation should account for the more severe code-execution reading.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lt",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 1.4,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "webaccess \u003cv8.2 20170817",
        "scope": null,
        "trust": 0.6,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.0"
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170330",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.2"
      },
      {
        "_id": null,
        "model": "webaccess 8.1 20160519",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess 8.0 20150816",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8"
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170817",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-939"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-940"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32564"
      },
      {
        "db": "BID",
        "id": "101685"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009931"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-170"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12719"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009931"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Steven Seeley (mr_me) of Offensive Security",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-17-939"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-940"
      }
    ],
    "trust": 1.4
  },
  "cve": "CVE-2017-12719",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2017-12719",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2017-12719",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "MEDIUM",
            "trust": 1.4,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-32564",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-103269",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-12719",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2017-12719",
            "trust": 1.4,
            "value": "MEDIUM"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-12719",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-12719",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-32564",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201711-170",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-103269",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-939"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-940"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32564"
      },
      {
        "db": "VULHUB",
        "id": "VHN-103269"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009931"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-170"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12719"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A remote attacker is able to execute code to dereference a pointer within the program causing the application to become unavailable. Advantech WebAccess Is NULL A vulnerability related to pointer dereference exists.Service operation interruption (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2723 IOCTL in the webvrpcs process.  An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will result in a denial-of-service condition. \nVersions prior to Advantech WebAccess 8.2_20170817 are vulnerable",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-12719"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009931"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-939"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-940"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32564"
      },
      {
        "db": "BID",
        "id": "101685"
      },
      {
        "db": "IVD",
        "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
      },
      {
        "db": "VULHUB",
        "id": "VHN-103269"
      }
    ],
    "trust": 3.96
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-12719",
        "trust": 5.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-306-02",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "101685",
        "trust": 2.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-170",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32564",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009931",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-4950",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-939",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-4951",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-940",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "324AEB72-83A5-4EC9-8BFB-77E3DF73ED3A",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-103269",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-939"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-940"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32564"
      },
      {
        "db": "VULHUB",
        "id": "VHN-103269"
      },
      {
        "db": "BID",
        "id": "101685"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009931"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-170"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12719"
      }
    ]
  },
  "id": "VAR-201711-0754",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32564"
      },
      {
        "db": "VULHUB",
        "id": "VHN-103269"
      }
    ],
    "trust": 1.582962455
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32564"
      }
    ]
  },
  "last_update_date": "2025-04-20T23:15:51.560000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 1.4,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-306-02"
      },
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://www.advantech.com/industrial-automation/webaccess"
      },
      {
        "title": "Advantech WebAccess Pointer Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/105314"
      },
      {
        "title": "Advantech WebAccess Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76156"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-17-939"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-940"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32564"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009931"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-170"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-476",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-822",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-103269"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009931"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12719"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 4.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-306-02"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/101685"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12719"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12719"
      },
      {
        "trust": 0.3,
        "url": "http://webaccess.advantech.com"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-17-939"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-940"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32564"
      },
      {
        "db": "VULHUB",
        "id": "VHN-103269"
      },
      {
        "db": "BID",
        "id": "101685"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009931"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-170"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12719"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-939",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-940",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32564",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-103269",
        "ident": null
      },
      {
        "db": "BID",
        "id": "101685",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009931",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-170",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12719",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2017-11-03T00:00:00",
        "db": "IVD",
        "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a",
        "ident": null
      },
      {
        "date": "2017-12-06T00:00:00",
        "db": "ZDI",
        "id": "ZDI-17-939",
        "ident": null
      },
      {
        "date": "2017-12-06T00:00:00",
        "db": "ZDI",
        "id": "ZDI-17-940",
        "ident": null
      },
      {
        "date": "2017-11-03T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-32564",
        "ident": null
      },
      {
        "date": "2017-11-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-103269",
        "ident": null
      },
      {
        "date": "2017-11-02T00:00:00",
        "db": "BID",
        "id": "101685",
        "ident": null
      },
      {
        "date": "2017-11-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-009931",
        "ident": null
      },
      {
        "date": "2017-11-06T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201711-170",
        "ident": null
      },
      {
        "date": "2017-11-06T22:29:00.193000",
        "db": "NVD",
        "id": "CVE-2017-12719",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2017-12-06T00:00:00",
        "db": "ZDI",
        "id": "ZDI-17-939",
        "ident": null
      },
      {
        "date": "2017-12-06T00:00:00",
        "db": "ZDI",
        "id": "ZDI-17-940",
        "ident": null
      },
      {
        "date": "2017-11-03T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-32564",
        "ident": null
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-103269",
        "ident": null
      },
      {
        "date": "2017-12-19T22:36:00",
        "db": "BID",
        "id": "101685",
        "ident": null
      },
      {
        "date": "2017-12-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-009931",
        "ident": null
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201711-170",
        "ident": null
      },
      {
        "date": "2025-04-20T01:37:25.860000",
        "db": "NVD",
        "id": "CVE-2017-12719",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-170"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess webvrpcs drawsrv Untrusted Pointer Dereference Remote Code Execution Vulnerability",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-17-939"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-940"
      }
    ],
    "trust": 1.4
  },
  "type": {
    "_id": null,
    "data": "Code problem",
    "sources": [
      {
        "db": "IVD",
        "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-170"
      }
    ],
    "trust": 0.8
  }
}

VAR-201711-0409

Vulnerability from variot - Updated: 2025-04-20 23:15

A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. The application lacks proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the context of the process. Advantech WebAccess contains a buffer error vulnerability. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x138bd IOCTL in the webvrpcs process. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will result in a denial-of-service condition. Versions prior to Advantech WebAccess 8.2_20170817 are vulnerable.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lt",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess \u003cv8.2 20170817",
        "scope": null,
        "trust": 0.6,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.0"
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170330",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.2"
      },
      {
        "_id": null,
        "model": "webaccess 8.1 20160519",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess 8.0 20150816",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8"
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170817",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-938"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32562"
      },
      {
        "db": "BID",
        "id": "101685"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009932"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1259"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-14016"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009932"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Steven Seeley (mr_me) of Offensive Security",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-17-938"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2017-14016",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2017-14016",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 2.5,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-32562",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-104696",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 2.8,
            "id": "CVE-2017-14016",
            "impactScore": 3.4,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-14016",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-14016",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "ZDI",
            "id": "CVE-2017-14016",
            "trust": 0.7,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-32562",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201708-1259",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-104696",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-938"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32562"
      },
      {
        "db": "VULHUB",
        "id": "VHN-104696"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009932"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1259"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-14016"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. The application lacks proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the context of the process. Advantech WebAccess Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within implementation of the 0x138bd IOCTL in the webvrpcs process.  An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will result in a denial-of-service condition. \nVersions prior to Advantech WebAccess 8.2_20170817 are vulnerable",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-14016"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009932"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-938"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32562"
      },
      {
        "db": "BID",
        "id": "101685"
      },
      {
        "db": "IVD",
        "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
      },
      {
        "db": "VULHUB",
        "id": "VHN-104696"
      }
    ],
    "trust": 3.33
  },
  "exploit_availability": {
    "_id": null,
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-104696",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-104696"
      }
    ]
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-14016",
        "trust": 4.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-306-02",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "101685",
        "trust": 1.4
      },
      {
        "db": "EXPLOIT-DB",
        "id": "43340",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1259",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32562",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009932",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-4949",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-938",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "AE88E8AE-B267-4E99-BFAC-8A81BBB4590A",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "145401",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-104696",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-938"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32562"
      },
      {
        "db": "VULHUB",
        "id": "VHN-104696"
      },
      {
        "db": "BID",
        "id": "101685"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009932"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1259"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-14016"
      }
    ]
  },
  "id": "VAR-201711-0409",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32562"
      },
      {
        "db": "VULHUB",
        "id": "VHN-104696"
      }
    ],
    "trust": 1.582962455
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32562"
      }
    ]
  },
  "last_update_date": "2025-04-20T23:15:51.514000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://www.advantech.com/industrial-automation/webaccess"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-306-02"
      },
      {
        "title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/105309"
      },
      {
        "title": "Advantech WebAccess Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75601"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-17-938"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32562"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009932"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1259"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-121",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-104696"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009932"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-14016"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 4.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-306-02"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/101685"
      },
      {
        "trust": 1.1,
        "url": "https://www.exploit-db.com/exploits/43340/"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14016"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14016"
      },
      {
        "trust": 0.3,
        "url": "http://webaccess.advantech.com"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-17-938"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32562"
      },
      {
        "db": "VULHUB",
        "id": "VHN-104696"
      },
      {
        "db": "BID",
        "id": "101685"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009932"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1259"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-14016"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-938",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32562",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-104696",
        "ident": null
      },
      {
        "db": "BID",
        "id": "101685",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009932",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1259",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2017-14016",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2017-11-03T00:00:00",
        "db": "IVD",
        "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a",
        "ident": null
      },
      {
        "date": "2017-12-06T00:00:00",
        "db": "ZDI",
        "id": "ZDI-17-938",
        "ident": null
      },
      {
        "date": "2017-11-03T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-32562",
        "ident": null
      },
      {
        "date": "2017-11-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-104696",
        "ident": null
      },
      {
        "date": "2017-11-02T00:00:00",
        "db": "BID",
        "id": "101685",
        "ident": null
      },
      {
        "date": "2017-11-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-009932",
        "ident": null
      },
      {
        "date": "2017-11-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201708-1259",
        "ident": null
      },
      {
        "date": "2017-11-06T22:29:00.240000",
        "db": "NVD",
        "id": "CVE-2017-14016",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2017-12-06T00:00:00",
        "db": "ZDI",
        "id": "ZDI-17-938",
        "ident": null
      },
      {
        "date": "2017-11-03T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-32562",
        "ident": null
      },
      {
        "date": "2017-12-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-104696",
        "ident": null
      },
      {
        "date": "2017-12-19T22:36:00",
        "db": "BID",
        "id": "101685",
        "ident": null
      },
      {
        "date": "2017-11-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-009932",
        "ident": null
      },
      {
        "date": "2017-11-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201708-1259",
        "ident": null
      },
      {
        "date": "2025-04-20T01:37:25.860000",
        "db": "NVD",
        "id": "CVE-2017-14016",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1259"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess Buffer error vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009932"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1259"
      }
    ],
    "trust": 1.4
  },
  "type": {
    "_id": null,
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1259"
      }
    ],
    "trust": 0.8
  }
}

VAR-201702-0675

Vulnerability from variot - Updated: 2025-04-20 23:05

An issue was discovered in Advantech WebAccess Version 8.1. To be able to exploit the SQL injection vulnerability, an attacker must supply malformed input to the WebAccess software. A successful attack could result in administrative access to the application and its data files. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability, but can be easily bypassed. The specific flaw exists within updateTemplate.aspx. The vulnerability is caused by lack of input validation before using a remotely supplied string to construct SQL queries. An attacker can use this vulnerability to disclose passwords of administrative accounts used by Advantech WebAccess. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A SQL injection vulnerability exists in Advantech WebAccess version 8.1. Advantech WebAccess is prone to an SQL-injection vulnerability and an authentication-bypass vulnerability. An attacker can exploit these issues to bypass certain security restrictions, perform unauthorized actions, modify the logic of SQL queries, compromise the software, retrieve information, or modify data; other consequences are possible as well. WebAccess 8.1 is vulnerable; other versions may also be affected.


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 3.3,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.2"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess",
        "version": "8.1"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "f6a19415-1129-4719-ad81-c1d464552563"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-043"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-00553"
      },
      {
        "db": "BID",
        "id": "95410"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001616"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-328"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5154"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001616"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Tenable Network Security",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-17-043"
      },
      {
        "db": "BID",
        "id": "95410"
      }
    ],
    "trust": 1.0
  },
  "cve": "CVE-2017-5154",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2017-5154",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "ZDI",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2017-5154",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "MEDIUM",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-00553",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "f6a19415-1129-4719-ad81-c1d464552563",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-113357",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-5154",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-5154",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-5154",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "ZDI",
            "id": "CVE-2017-5154",
            "trust": 0.7,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-00553",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201701-328",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "f6a19415-1129-4719-ad81-c1d464552563",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-113357",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "f6a19415-1129-4719-ad81-c1d464552563"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-043"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-00553"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113357"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001616"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-328"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5154"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "An issue was discovered in Advantech WebAccess Version 8.1. To be able to exploit the SQL injection vulnerability, an attacker must supply malformed input to the WebAccess software. A successful attack could result in administrative access to the application and its data files. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability, but can be easily bypassed. The specific flaw exists within updateTemplate.aspx. The vulnerability is caused by lack of input validation before using a remotely supplied string to construct SQL queries. An attacker can use this vulnerability to disclose passwords of administrative accounts used by Advantech WebAccess. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A SQL injection vulnerability exists in Advantech WebAccess version 8.1. Advantech WebAccess is prone to an SQL-injection vulnerability and an authentication-bypass vulnerability. \nAn attacker can exploit these issues to bypass certain security restrictions, perform unauthorized actions, modify the logic of SQL queries, compromise the software, retrieve information, or modify data; other consequences are possible as well. \nWebAccess 8.1 is vulnerable; other versions may also be affected.",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5154"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001616"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-043"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-00553"
      },
      {
        "db": "BID",
        "id": "95410"
      },
      {
        "db": "IVD",
        "id": "f6a19415-1129-4719-ad81-c1d464552563"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113357"
      }
    ],
    "trust": 3.33
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-5154",
        "trust": 4.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-012-01",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "95410",
        "trust": 2.0
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-043",
        "trust": 1.6
      },
      {
        "db": "TENABLE",
        "id": "TRA-2017-04",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-328",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-00553",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001616",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-3679",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "F6A19415-1129-4719-AD81-C1D464552563",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-113357",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "f6a19415-1129-4719-ad81-c1d464552563"
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-043"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-00553"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113357"
      },
      {
        "db": "BID",
        "id": "95410"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001616"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-328"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5154"
      }
    ]
  },
  "id": "VAR-201702-0675",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "f6a19415-1129-4719-ad81-c1d464552563"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-00553"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113357"
      }
    ],
    "trust": 1.33470696
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "f6a19415-1129-4719-ad81-c1d464552563"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-00553"
      }
    ]
  },
  "last_update_date": "2025-04-20T23:05:29.697000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://www.advantech.com/industrial-automation/webaccess"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-012-01"
      },
      {
        "title": "Advantech WebAccess \u0027updateTemplate.aspx\u0027 SQL Injection Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/88106"
      },
      {
        "title": "Advantech WebAccess SQL Repair measures for injecting vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66985"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-17-043"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-00553"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001616"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-328"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-89",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113357"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001616"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5154"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 3.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-012-01"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/95410"
      },
      {
        "trust": 1.1,
        "url": "https://www.tenable.com/security/research/tra-2017-04"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5154"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5154"
      },
      {
        "trust": 0.6,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-17-043/"
      },
      {
        "trust": 0.3,
        "url": "http://webaccess.advantech.com"
      },
      {
        "trust": 0.3,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-17-043/ "
      },
      {
        "trust": 0.3,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-012-01 "
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-17-043"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-00553"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113357"
      },
      {
        "db": "BID",
        "id": "95410"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001616"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-328"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5154"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "f6a19415-1129-4719-ad81-c1d464552563",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-17-043",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-00553",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-113357",
        "ident": null
      },
      {
        "db": "BID",
        "id": "95410",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001616",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-328",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5154",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2017-01-18T00:00:00",
        "db": "IVD",
        "id": "f6a19415-1129-4719-ad81-c1d464552563",
        "ident": null
      },
      {
        "date": "2017-01-12T00:00:00",
        "db": "ZDI",
        "id": "ZDI-17-043",
        "ident": null
      },
      {
        "date": "2017-01-18T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-00553",
        "ident": null
      },
      {
        "date": "2017-02-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113357",
        "ident": null
      },
      {
        "date": "2017-01-12T00:00:00",
        "db": "BID",
        "id": "95410",
        "ident": null
      },
      {
        "date": "2017-03-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-001616",
        "ident": null
      },
      {
        "date": "2017-01-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201701-328",
        "ident": null
      },
      {
        "date": "2017-02-13T21:59:02.707000",
        "db": "NVD",
        "id": "CVE-2017-5154",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2017-01-12T00:00:00",
        "db": "ZDI",
        "id": "ZDI-17-043",
        "ident": null
      },
      {
        "date": "2017-01-18T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-00553",
        "ident": null
      },
      {
        "date": "2017-11-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113357",
        "ident": null
      },
      {
        "date": "2017-01-23T04:05:00",
        "db": "BID",
        "id": "95410",
        "ident": null
      },
      {
        "date": "2017-03-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-001616",
        "ident": null
      },
      {
        "date": "2017-01-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201701-328",
        "ident": null
      },
      {
        "date": "2025-04-20T01:37:25.860000",
        "db": "NVD",
        "id": "CVE-2017-5154",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-328"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess SQL Injection vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001616"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "SQL injection",
    "sources": [
      {
        "db": "IVD",
        "id": "f6a19415-1129-4719-ad81-c1d464552563"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-328"
      }
    ],
    "trust": 0.8
  }
}