Find a vulnerability
Search criteria
109 vulnerabilities by WebAccess
VAR-201810-0396
Vulnerability from variot - Updated: 2026-04-11 00:00Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabilities that have been identified, which may allow an attacker to execute arbitrary code. Authentication is not required to exploit this vulnerability.The specific flaw exists within bwclient.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech (Advantech) WebAccess software is the core of Advantech's IoT application platform solution, providing users with a user interface based on HTML5 technology to achieve cross-platform and cross-browser data access experience. A stack buffer overflow vulnerability exists in Advantech WebAccess. Advantech WebAccess is prone to the following security vulnerabilities: 1. A directory-traversal vulnerability 3. An arbitrary-file-deletion vulnerability 4. This may aid in further attacks. Advantech WebAccess 8.3.1 and prior versions are vulnerable. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess node",
"scope": null,
"trust": 8.4,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.3.1"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.2"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"_id": null,
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-1311"
},
{
"db": "ZDI",
"id": "ZDI-18-1312"
},
{
"db": "ZDI",
"id": "ZDI-18-1308"
},
{
"db": "ZDI",
"id": "ZDI-18-1310"
},
{
"db": "ZDI",
"id": "ZDI-18-1314"
},
{
"db": "ZDI",
"id": "ZDI-18-1307"
},
{
"db": "ZDI",
"id": "ZDI-18-1300"
},
{
"db": "ZDI",
"id": "ZDI-18-1298"
},
{
"db": "ZDI",
"id": "ZDI-18-1313"
},
{
"db": "ZDI",
"id": "ZDI-18-1304"
},
{
"db": "ZDI",
"id": "ZDI-18-1309"
},
{
"db": "ZDI",
"id": "ZDI-18-1306"
},
{
"db": "CNVD",
"id": "CNVD-2018-21935"
},
{
"db": "BID",
"id": "105728"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1188"
},
{
"db": "NVD",
"id": "CVE-2018-14816"
}
]
},
"credits": {
"_id": null,
"data": "Mat Powell of Trend Micro Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1311"
},
{
"db": "ZDI",
"id": "ZDI-18-1312"
},
{
"db": "ZDI",
"id": "ZDI-18-1308"
},
{
"db": "ZDI",
"id": "ZDI-18-1310"
},
{
"db": "ZDI",
"id": "ZDI-18-1314"
},
{
"db": "ZDI",
"id": "ZDI-18-1307"
},
{
"db": "ZDI",
"id": "ZDI-18-1300"
},
{
"db": "ZDI",
"id": "ZDI-18-1298"
},
{
"db": "ZDI",
"id": "ZDI-18-1313"
},
{
"db": "ZDI",
"id": "ZDI-18-1304"
},
{
"db": "ZDI",
"id": "ZDI-18-1309"
},
{
"db": "ZDI",
"id": "ZDI-18-1306"
},
{
"db": "BID",
"id": "105728"
}
],
"trust": 8.7
},
"cve": "CVE-2018-14816",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-14816",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 8.4,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-14816",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-21935",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e2feefe1-39ab-11e9-8e28-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-125013",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-14816",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2018-14816",
"trust": 8.4,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2018-14816",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-21935",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201810-1188",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2feefe1-39ab-11e9-8e28-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-125013",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-1311"
},
{
"db": "ZDI",
"id": "ZDI-18-1312"
},
{
"db": "ZDI",
"id": "ZDI-18-1308"
},
{
"db": "ZDI",
"id": "ZDI-18-1310"
},
{
"db": "ZDI",
"id": "ZDI-18-1314"
},
{
"db": "ZDI",
"id": "ZDI-18-1307"
},
{
"db": "ZDI",
"id": "ZDI-18-1300"
},
{
"db": "ZDI",
"id": "ZDI-18-1298"
},
{
"db": "ZDI",
"id": "ZDI-18-1313"
},
{
"db": "ZDI",
"id": "ZDI-18-1304"
},
{
"db": "ZDI",
"id": "ZDI-18-1309"
},
{
"db": "ZDI",
"id": "ZDI-18-1306"
},
{
"db": "CNVD",
"id": "CNVD-2018-21935"
},
{
"db": "VULHUB",
"id": "VHN-125013"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1188"
},
{
"db": "NVD",
"id": "CVE-2018-14816"
}
]
},
"description": {
"_id": null,
"data": "Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabilities that have been identified, which may allow an attacker to execute arbitrary code. Authentication is not required to exploit this vulnerability.The specific flaw exists within bwclient.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech (Advantech) WebAccess software is the core of Advantech\u0027s IoT application platform solution, providing users with a user interface based on HTML5 technology to achieve cross-platform and cross-browser data access experience. A stack buffer overflow vulnerability exists in Advantech WebAccess. Advantech WebAccess is prone to the following security vulnerabilities:\n1. A directory-traversal vulnerability\n3. An arbitrary-file-deletion vulnerability\n4. This may aid in further attacks. \nAdvantech WebAccess 8.3.1 and prior versions are vulnerable. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-14816"
},
{
"db": "ZDI",
"id": "ZDI-18-1300"
},
{
"db": "ZDI",
"id": "ZDI-18-1306"
},
{
"db": "ZDI",
"id": "ZDI-18-1309"
},
{
"db": "ZDI",
"id": "ZDI-18-1304"
},
{
"db": "ZDI",
"id": "ZDI-18-1313"
},
{
"db": "ZDI",
"id": "ZDI-18-1311"
},
{
"db": "ZDI",
"id": "ZDI-18-1298"
},
{
"db": "ZDI",
"id": "ZDI-18-1307"
},
{
"db": "ZDI",
"id": "ZDI-18-1314"
},
{
"db": "ZDI",
"id": "ZDI-18-1310"
},
{
"db": "ZDI",
"id": "ZDI-18-1308"
},
{
"db": "ZDI",
"id": "ZDI-18-1312"
},
{
"db": "CNVD",
"id": "CNVD-2018-21935"
},
{
"db": "BID",
"id": "105728"
},
{
"db": "IVD",
"id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-125013"
}
],
"trust": 9.54
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-14816",
"trust": 11.2
},
{
"db": "ICS CERT",
"id": "ICSA-18-296-01",
"trust": 2.6
},
{
"db": "BID",
"id": "105728",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1041939",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1188",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-21935",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6299",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1311",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6300",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1312",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6296",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1308",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6298",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1310",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6302",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1314",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6295",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1307",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6287",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1300",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6285",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1298",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6301",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1313",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6292",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1304",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6297",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1309",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6294",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1306",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2FEEFE1-39AB-11E9-8E28-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-125013",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-1311"
},
{
"db": "ZDI",
"id": "ZDI-18-1312"
},
{
"db": "ZDI",
"id": "ZDI-18-1308"
},
{
"db": "ZDI",
"id": "ZDI-18-1310"
},
{
"db": "ZDI",
"id": "ZDI-18-1314"
},
{
"db": "ZDI",
"id": "ZDI-18-1307"
},
{
"db": "ZDI",
"id": "ZDI-18-1300"
},
{
"db": "ZDI",
"id": "ZDI-18-1298"
},
{
"db": "ZDI",
"id": "ZDI-18-1313"
},
{
"db": "ZDI",
"id": "ZDI-18-1304"
},
{
"db": "ZDI",
"id": "ZDI-18-1309"
},
{
"db": "ZDI",
"id": "ZDI-18-1306"
},
{
"db": "CNVD",
"id": "CNVD-2018-21935"
},
{
"db": "VULHUB",
"id": "VHN-125013"
},
{
"db": "BID",
"id": "105728"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1188"
},
{
"db": "NVD",
"id": "CVE-2018-14816"
}
]
},
"id": "VAR-201810-0396",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-21935"
},
{
"db": "VULHUB",
"id": "VHN-125013"
}
],
"trust": 1.4399341300000001
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-21935"
}
]
},
"last_update_date": "2026-04-11T00:00:09.308000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 8.4,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-296-01"
},
{
"title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability (CNVD-2018-21935)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/143393"
},
{
"title": "Advantech WebAccess Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86280"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1311"
},
{
"db": "ZDI",
"id": "ZDI-18-1312"
},
{
"db": "ZDI",
"id": "ZDI-18-1308"
},
{
"db": "ZDI",
"id": "ZDI-18-1310"
},
{
"db": "ZDI",
"id": "ZDI-18-1314"
},
{
"db": "ZDI",
"id": "ZDI-18-1307"
},
{
"db": "ZDI",
"id": "ZDI-18-1300"
},
{
"db": "ZDI",
"id": "ZDI-18-1298"
},
{
"db": "ZDI",
"id": "ZDI-18-1313"
},
{
"db": "ZDI",
"id": "ZDI-18-1304"
},
{
"db": "ZDI",
"id": "ZDI-18-1309"
},
{
"db": "ZDI",
"id": "ZDI-18-1306"
},
{
"db": "CNVD",
"id": "CNVD-2018-21935"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1188"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-125013"
},
{
"db": "NVD",
"id": "CVE-2018-14816"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 9.9,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-296-01"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/105728"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1041939"
},
{
"trust": 1.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-296-01%2c"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
},
{
"trust": 0.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-296-01,"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1311"
},
{
"db": "ZDI",
"id": "ZDI-18-1312"
},
{
"db": "ZDI",
"id": "ZDI-18-1308"
},
{
"db": "ZDI",
"id": "ZDI-18-1310"
},
{
"db": "ZDI",
"id": "ZDI-18-1314"
},
{
"db": "ZDI",
"id": "ZDI-18-1307"
},
{
"db": "ZDI",
"id": "ZDI-18-1300"
},
{
"db": "ZDI",
"id": "ZDI-18-1298"
},
{
"db": "ZDI",
"id": "ZDI-18-1313"
},
{
"db": "ZDI",
"id": "ZDI-18-1304"
},
{
"db": "ZDI",
"id": "ZDI-18-1309"
},
{
"db": "ZDI",
"id": "ZDI-18-1306"
},
{
"db": "CNVD",
"id": "CNVD-2018-21935"
},
{
"db": "VULHUB",
"id": "VHN-125013"
},
{
"db": "BID",
"id": "105728"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1188"
},
{
"db": "NVD",
"id": "CVE-2018-14816"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "e2feefe1-39ab-11e9-8e28-000c29342cb1",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-1311",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-1312",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-1308",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-1310",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-1314",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-1307",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-1300",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-1298",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-1313",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-1304",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-1309",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-1306",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-21935",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-125013",
"ident": null
},
{
"db": "BID",
"id": "105728",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1188",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-14816",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-10-28T00:00:00",
"db": "IVD",
"id": "e2feefe1-39ab-11e9-8e28-000c29342cb1",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1311",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1312",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1308",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1310",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1314",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1307",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1300",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1298",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1313",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1304",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1309",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1306",
"ident": null
},
{
"date": "2018-10-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-21935",
"ident": null
},
{
"date": "2018-10-23T00:00:00",
"db": "VULHUB",
"id": "VHN-125013",
"ident": null
},
{
"date": "2018-10-23T00:00:00",
"db": "BID",
"id": "105728",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-1188",
"ident": null
},
{
"date": "2018-10-23T20:29:00.530000",
"db": "NVD",
"id": "CVE-2018-14816",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1311",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1312",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1308",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1310",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1314",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1307",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1300",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1298",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1313",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1304",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1309",
"ident": null
},
{
"date": "2018-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1306",
"ident": null
},
{
"date": "2018-10-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-21935",
"ident": null
},
{
"date": "2020-08-28T00:00:00",
"db": "VULHUB",
"id": "VHN-125013",
"ident": null
},
{
"date": "2018-10-23T00:00:00",
"db": "BID",
"id": "105728",
"ident": null
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-1188",
"ident": null
},
{
"date": "2024-11-21T03:49:51.383000",
"db": "NVD",
"id": "CVE-2018-14816",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-1188"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess Client bwwebv Stack-based Buffer Overflow Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1312"
},
{
"db": "ZDI",
"id": "ZDI-18-1304"
}
],
"trust": 1.4
},
"type": {
"_id": null,
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1188"
}
],
"trust": 0.8
}
}
VAR-202005-0008
Vulnerability from variot - Updated: 2026-04-10 23:52Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x0000791d in DATACORE.exe. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required. The vulnerability is due to the fact that the program does not correctly verify the length of the data submitted by the user
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess/scada",
"scope": null,
"trust": 8.4,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.4.4"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 1.0,
"vendor": "advantech",
"version": "9.0.0"
},
{
"_id": null,
"model": "webaccess node",
"scope": "gte",
"trust": 0.6,
"vendor": "advantech",
"version": "8.4.4"
},
{
"_id": null,
"model": "webaccess node",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "9.0.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "webaccess",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "webaccess",
"version": "9.0.0"
}
],
"sources": [
{
"db": "IVD",
"id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
},
{
"db": "IVD",
"id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
},
{
"db": "ZDI",
"id": "ZDI-20-593"
},
{
"db": "ZDI",
"id": "ZDI-20-597"
},
{
"db": "ZDI",
"id": "ZDI-20-599"
},
{
"db": "ZDI",
"id": "ZDI-20-631"
},
{
"db": "ZDI",
"id": "ZDI-20-603"
},
{
"db": "ZDI",
"id": "ZDI-20-620"
},
{
"db": "ZDI",
"id": "ZDI-20-601"
},
{
"db": "ZDI",
"id": "ZDI-20-617"
},
{
"db": "ZDI",
"id": "ZDI-20-621"
},
{
"db": "ZDI",
"id": "ZDI-20-602"
},
{
"db": "ZDI",
"id": "ZDI-20-623"
},
{
"db": "ZDI",
"id": "ZDI-20-616"
},
{
"db": "CNVD",
"id": "CNVD-2020-29739"
},
{
"db": "NVD",
"id": "CVE-2020-10638"
}
]
},
"credits": {
"_id": null,
"data": "Z0mb1E",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-593"
},
{
"db": "ZDI",
"id": "ZDI-20-597"
},
{
"db": "ZDI",
"id": "ZDI-20-599"
},
{
"db": "ZDI",
"id": "ZDI-20-631"
},
{
"db": "ZDI",
"id": "ZDI-20-603"
},
{
"db": "ZDI",
"id": "ZDI-20-620"
},
{
"db": "ZDI",
"id": "ZDI-20-601"
},
{
"db": "ZDI",
"id": "ZDI-20-617"
},
{
"db": "ZDI",
"id": "ZDI-20-621"
},
{
"db": "ZDI",
"id": "ZDI-20-602"
},
{
"db": "ZDI",
"id": "ZDI-20-623"
},
{
"db": "ZDI",
"id": "ZDI-20-616"
}
],
"trust": 8.4
},
"cve": "CVE-2020-10638",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-10638",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-29739",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-163136",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10638",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 7.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10638",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2020-10638",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2020-10638",
"trust": 7.7,
"value": "CRITICAL"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-10638",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "ZDI",
"id": "CVE-2020-10638",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2020-29739",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202005-295",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-163136",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2020-10638",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
},
{
"db": "IVD",
"id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
},
{
"db": "ZDI",
"id": "ZDI-20-593"
},
{
"db": "ZDI",
"id": "ZDI-20-597"
},
{
"db": "ZDI",
"id": "ZDI-20-599"
},
{
"db": "ZDI",
"id": "ZDI-20-631"
},
{
"db": "ZDI",
"id": "ZDI-20-603"
},
{
"db": "ZDI",
"id": "ZDI-20-620"
},
{
"db": "ZDI",
"id": "ZDI-20-601"
},
{
"db": "ZDI",
"id": "ZDI-20-617"
},
{
"db": "ZDI",
"id": "ZDI-20-621"
},
{
"db": "ZDI",
"id": "ZDI-20-602"
},
{
"db": "ZDI",
"id": "ZDI-20-623"
},
{
"db": "ZDI",
"id": "ZDI-20-616"
},
{
"db": "CNVD",
"id": "CNVD-2020-29739"
},
{
"db": "VULHUB",
"id": "VHN-163136"
},
{
"db": "VULMON",
"id": "CVE-2020-10638"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-295"
},
{
"db": "NVD",
"id": "CVE-2020-10638"
}
]
},
"description": {
"_id": null,
"data": "Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x0000791d in DATACORE.exe. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required. The vulnerability is due to the fact that the program does not correctly verify the length of the data submitted by the user",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10638"
},
{
"db": "ZDI",
"id": "ZDI-20-620"
},
{
"db": "ZDI",
"id": "ZDI-20-616"
},
{
"db": "ZDI",
"id": "ZDI-20-623"
},
{
"db": "ZDI",
"id": "ZDI-20-602"
},
{
"db": "ZDI",
"id": "ZDI-20-621"
},
{
"db": "ZDI",
"id": "ZDI-20-601"
},
{
"db": "ZDI",
"id": "ZDI-20-617"
},
{
"db": "ZDI",
"id": "ZDI-20-603"
},
{
"db": "ZDI",
"id": "ZDI-20-631"
},
{
"db": "ZDI",
"id": "ZDI-20-599"
},
{
"db": "ZDI",
"id": "ZDI-20-597"
},
{
"db": "ZDI",
"id": "ZDI-20-593"
},
{
"db": "CNVD",
"id": "CNVD-2020-29739"
},
{
"db": "IVD",
"id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
},
{
"db": "IVD",
"id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
},
{
"db": "VULHUB",
"id": "VHN-163136"
},
{
"db": "VULMON",
"id": "CVE-2020-10638"
}
],
"trust": 9.54
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2020-10638",
"trust": 11.2
},
{
"db": "ZDI",
"id": "ZDI-20-593",
"trust": 2.5
},
{
"db": "ZDI",
"id": "ZDI-20-599",
"trust": 2.5
},
{
"db": "ZDI",
"id": "ZDI-20-603",
"trust": 2.5
},
{
"db": "ZDI",
"id": "ZDI-20-621",
"trust": 2.5
},
{
"db": "ZDI",
"id": "ZDI-20-616",
"trust": 2.5
},
{
"db": "ICS CERT",
"id": "ICSA-20-128-01",
"trust": 2.4
},
{
"db": "ZDI",
"id": "ZDI-20-600",
"trust": 1.8
},
{
"db": "CNVD",
"id": "CNVD-2020-29739",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-202005-295",
"trust": 1.1
},
{
"db": "ZDI",
"id": "ZDI-20-597",
"trust": 0.8
},
{
"db": "ZDI",
"id": "ZDI-20-631",
"trust": 0.8
},
{
"db": "ZDI",
"id": "ZDI-20-620",
"trust": 0.8
},
{
"db": "ZDI",
"id": "ZDI-20-601",
"trust": 0.8
},
{
"db": "ZDI",
"id": "ZDI-20-617",
"trust": 0.8
},
{
"db": "ZDI",
"id": "ZDI-20-602",
"trust": 0.8
},
{
"db": "ZDI",
"id": "ZDI-20-623",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9902",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9985",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9994",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9892",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9897",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-10081",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9998",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9890",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-10085",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9895",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-10337",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9889",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-635",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "47382",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1646",
"trust": 0.6
},
{
"db": "IVD",
"id": "95F15ED9-ABD1-4FA7-B3B8-CCE038C93754",
"trust": 0.2
},
{
"db": "IVD",
"id": "619B16C7-A995-4CDF-B7BE-D91E2BDC75EC",
"trust": 0.2
},
{
"db": "ZDI",
"id": "ZDI-20-604",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-20-596",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-20-594",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-20-618",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-163136",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-10638",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
},
{
"db": "IVD",
"id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
},
{
"db": "ZDI",
"id": "ZDI-20-593"
},
{
"db": "ZDI",
"id": "ZDI-20-597"
},
{
"db": "ZDI",
"id": "ZDI-20-599"
},
{
"db": "ZDI",
"id": "ZDI-20-631"
},
{
"db": "ZDI",
"id": "ZDI-20-603"
},
{
"db": "ZDI",
"id": "ZDI-20-620"
},
{
"db": "ZDI",
"id": "ZDI-20-601"
},
{
"db": "ZDI",
"id": "ZDI-20-617"
},
{
"db": "ZDI",
"id": "ZDI-20-621"
},
{
"db": "ZDI",
"id": "ZDI-20-602"
},
{
"db": "ZDI",
"id": "ZDI-20-623"
},
{
"db": "ZDI",
"id": "ZDI-20-616"
},
{
"db": "CNVD",
"id": "CNVD-2020-29739"
},
{
"db": "VULHUB",
"id": "VHN-163136"
},
{
"db": "VULMON",
"id": "CVE-2020-10638"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-295"
},
{
"db": "NVD",
"id": "CVE-2020-10638"
}
]
},
"id": "VAR-202005-0008",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
},
{
"db": "IVD",
"id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
},
{
"db": "CNVD",
"id": "CNVD-2020-29739"
},
{
"db": "VULHUB",
"id": "VHN-163136"
}
],
"trust": 1.679503486666667
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
},
{
"db": "IVD",
"id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
},
{
"db": "CNVD",
"id": "CNVD-2020-29739"
}
]
},
"last_update_date": "2026-04-10T23:52:18.503000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 8.4,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-128-36"
},
{
"title": "Patch for Advantech WebAccess Node buffer overflow vulnerability (CNVD-2020-29739)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/218845"
},
{
"title": "Advantech WebAccess Node Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=118647"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-593"
},
{
"db": "ZDI",
"id": "ZDI-20-597"
},
{
"db": "ZDI",
"id": "ZDI-20-599"
},
{
"db": "ZDI",
"id": "ZDI-20-631"
},
{
"db": "ZDI",
"id": "ZDI-20-603"
},
{
"db": "ZDI",
"id": "ZDI-20-620"
},
{
"db": "ZDI",
"id": "ZDI-20-601"
},
{
"db": "ZDI",
"id": "ZDI-20-617"
},
{
"db": "ZDI",
"id": "ZDI-20-621"
},
{
"db": "ZDI",
"id": "ZDI-20-602"
},
{
"db": "ZDI",
"id": "ZDI-20-623"
},
{
"db": "ZDI",
"id": "ZDI-20-616"
},
{
"db": "CNVD",
"id": "CNVD-2020-29739"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-295"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-122",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-163136"
},
{
"db": "NVD",
"id": "CVE-2020-10638"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 8.4,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-128-36"
},
{
"trust": 3.0,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-128-01"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-593/"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-599/"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-600/"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-603/"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-616/"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-621/"
},
{
"trust": 0.7,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-635/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10638"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/47382"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1646/"
},
{
"trust": 0.1,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-594/"
},
{
"trust": 0.1,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-596/"
},
{
"trust": 0.1,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-597/"
},
{
"trust": 0.1,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-601/"
},
{
"trust": 0.1,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-602/"
},
{
"trust": 0.1,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-604/"
},
{
"trust": 0.1,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-617/"
},
{
"trust": 0.1,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-618/"
},
{
"trust": 0.1,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-620/"
},
{
"trust": 0.1,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-623/"
},
{
"trust": 0.1,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-631/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/181596"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-593"
},
{
"db": "ZDI",
"id": "ZDI-20-597"
},
{
"db": "ZDI",
"id": "ZDI-20-599"
},
{
"db": "ZDI",
"id": "ZDI-20-631"
},
{
"db": "ZDI",
"id": "ZDI-20-603"
},
{
"db": "ZDI",
"id": "ZDI-20-620"
},
{
"db": "ZDI",
"id": "ZDI-20-601"
},
{
"db": "ZDI",
"id": "ZDI-20-617"
},
{
"db": "ZDI",
"id": "ZDI-20-621"
},
{
"db": "ZDI",
"id": "ZDI-20-602"
},
{
"db": "ZDI",
"id": "ZDI-20-623"
},
{
"db": "ZDI",
"id": "ZDI-20-616"
},
{
"db": "CNVD",
"id": "CNVD-2020-29739"
},
{
"db": "VULHUB",
"id": "VHN-163136"
},
{
"db": "VULMON",
"id": "CVE-2020-10638"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-295"
},
{
"db": "NVD",
"id": "CVE-2020-10638"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754",
"ident": null
},
{
"db": "IVD",
"id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-593",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-597",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-599",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-631",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-603",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-620",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-601",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-617",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-621",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-602",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-623",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-616",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2020-29739",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-163136",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2020-10638",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202005-295",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2020-10638",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2020-05-07T00:00:00",
"db": "IVD",
"id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754",
"ident": null
},
{
"date": "2020-05-07T00:00:00",
"db": "IVD",
"id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-593",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-597",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-599",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-631",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-603",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-620",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-601",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-617",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-621",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-602",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-623",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-616",
"ident": null
},
{
"date": "2020-05-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-29739",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "VULHUB",
"id": "VHN-163136",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "VULMON",
"id": "CVE-2020-10638",
"ident": null
},
{
"date": "2020-05-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-295",
"ident": null
},
{
"date": "2020-05-08T12:15:11.067000",
"db": "NVD",
"id": "CVE-2020-10638",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-593",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-597",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-599",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-631",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-603",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-620",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-601",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-617",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-621",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-602",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-623",
"ident": null
},
{
"date": "2020-05-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-616",
"ident": null
},
{
"date": "2020-05-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-29739",
"ident": null
},
{
"date": "2021-12-17T00:00:00",
"db": "VULHUB",
"id": "VHN-163136",
"ident": null
},
{
"date": "2020-05-12T00:00:00",
"db": "VULMON",
"id": "CVE-2020-10638",
"ident": null
},
{
"date": "2021-01-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-295",
"ident": null
},
{
"date": "2024-11-21T04:55:45.027000",
"db": "NVD",
"id": "CVE-2020-10638",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-295"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess/SCADA BwTCPIP Heap-based Buffer Overflow Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-620"
},
{
"db": "ZDI",
"id": "ZDI-20-621"
}
],
"trust": 1.4
},
"type": {
"_id": null,
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
},
{
"db": "IVD",
"id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-295"
}
],
"trust": 1.0
}
}
VAR-201904-0181
Vulnerability from variot - Updated: 2026-04-10 23:50Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow vulnerabilities, caused by a lack of proper validation of the length of user-supplied data, may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Client. Authentication is not required to exploit this vulnerability.The specific flaw exists within BwNodeIP.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer overflow vulnerability exists in Advantech WebAccess/SCADA
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 9.8,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.3.5"
},
{
"_id": null,
"model": "webaccess/scada",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.3.5"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
},
{
"db": "ZDI",
"id": "ZDI-19-322"
},
{
"db": "ZDI",
"id": "ZDI-19-311"
},
{
"db": "ZDI",
"id": "ZDI-19-329"
},
{
"db": "ZDI",
"id": "ZDI-19-325"
},
{
"db": "ZDI",
"id": "ZDI-19-313"
},
{
"db": "ZDI",
"id": "ZDI-19-317"
},
{
"db": "ZDI",
"id": "ZDI-19-328"
},
{
"db": "ZDI",
"id": "ZDI-19-310"
},
{
"db": "ZDI",
"id": "ZDI-19-321"
},
{
"db": "ZDI",
"id": "ZDI-19-330"
},
{
"db": "ZDI",
"id": "ZDI-19-319"
},
{
"db": "ZDI",
"id": "ZDI-19-585"
},
{
"db": "ZDI",
"id": "ZDI-19-323"
},
{
"db": "ZDI",
"id": "ZDI-19-327"
},
{
"db": "CNVD",
"id": "CNVD-2019-08948"
},
{
"db": "NVD",
"id": "CVE-2019-6550"
}
]
},
"credits": {
"_id": null,
"data": "Mat Powell of Trend Micro Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-322"
},
{
"db": "ZDI",
"id": "ZDI-19-311"
},
{
"db": "ZDI",
"id": "ZDI-19-329"
},
{
"db": "ZDI",
"id": "ZDI-19-325"
},
{
"db": "ZDI",
"id": "ZDI-19-313"
},
{
"db": "ZDI",
"id": "ZDI-19-317"
},
{
"db": "ZDI",
"id": "ZDI-19-328"
},
{
"db": "ZDI",
"id": "ZDI-19-310"
},
{
"db": "ZDI",
"id": "ZDI-19-330"
},
{
"db": "ZDI",
"id": "ZDI-19-319"
},
{
"db": "ZDI",
"id": "ZDI-19-585"
},
{
"db": "ZDI",
"id": "ZDI-19-323"
},
{
"db": "ZDI",
"id": "ZDI-19-327"
}
],
"trust": 9.1
},
"cve": "CVE-2019-6550",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-6550",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-08948",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "4d85a7a9-a091-4c59-84e6-73c8b6639498",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-6550",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 9.8,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-6550",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2019-6550",
"trust": 9.8,
"value": "CRITICAL"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2019-6550",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2019-08948",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201904-089",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "4d85a7a9-a091-4c59-84e6-73c8b6639498",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2019-6550",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
},
{
"db": "ZDI",
"id": "ZDI-19-322"
},
{
"db": "ZDI",
"id": "ZDI-19-311"
},
{
"db": "ZDI",
"id": "ZDI-19-329"
},
{
"db": "ZDI",
"id": "ZDI-19-325"
},
{
"db": "ZDI",
"id": "ZDI-19-313"
},
{
"db": "ZDI",
"id": "ZDI-19-317"
},
{
"db": "ZDI",
"id": "ZDI-19-328"
},
{
"db": "ZDI",
"id": "ZDI-19-310"
},
{
"db": "ZDI",
"id": "ZDI-19-321"
},
{
"db": "ZDI",
"id": "ZDI-19-330"
},
{
"db": "ZDI",
"id": "ZDI-19-319"
},
{
"db": "ZDI",
"id": "ZDI-19-585"
},
{
"db": "ZDI",
"id": "ZDI-19-323"
},
{
"db": "ZDI",
"id": "ZDI-19-327"
},
{
"db": "CNVD",
"id": "CNVD-2019-08948"
},
{
"db": "VULMON",
"id": "CVE-2019-6550"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-089"
},
{
"db": "NVD",
"id": "CVE-2019-6550"
}
]
},
"description": {
"_id": null,
"data": "Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow vulnerabilities, caused by a lack of proper validation of the length of user-supplied data, may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Client. Authentication is not required to exploit this vulnerability.The specific flaw exists within BwNodeIP.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer overflow vulnerability exists in Advantech WebAccess/SCADA",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-6550"
},
{
"db": "ZDI",
"id": "ZDI-19-310"
},
{
"db": "ZDI",
"id": "ZDI-19-327"
},
{
"db": "ZDI",
"id": "ZDI-19-323"
},
{
"db": "ZDI",
"id": "ZDI-19-585"
},
{
"db": "ZDI",
"id": "ZDI-19-319"
},
{
"db": "ZDI",
"id": "ZDI-19-330"
},
{
"db": "ZDI",
"id": "ZDI-19-322"
},
{
"db": "ZDI",
"id": "ZDI-19-321"
},
{
"db": "ZDI",
"id": "ZDI-19-328"
},
{
"db": "ZDI",
"id": "ZDI-19-317"
},
{
"db": "ZDI",
"id": "ZDI-19-313"
},
{
"db": "ZDI",
"id": "ZDI-19-325"
},
{
"db": "ZDI",
"id": "ZDI-19-329"
},
{
"db": "ZDI",
"id": "ZDI-19-311"
},
{
"db": "CNVD",
"id": "CNVD-2019-08948"
},
{
"db": "IVD",
"id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
},
{
"db": "VULMON",
"id": "CVE-2019-6550"
}
],
"trust": 10.53
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2019-6550",
"trust": 12.3
},
{
"db": "ZDI",
"id": "ZDI-19-585",
"trust": 2.4
},
{
"db": "ICS CERT",
"id": "ICSA-19-092-01",
"trust": 2.3
},
{
"db": "ZDI",
"id": "ZDI-19-330",
"trust": 1.3
},
{
"db": "CNVD",
"id": "CNVD-2019-08948",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201904-089",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7914",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-322",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7899",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-311",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7924",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-329",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7927",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-325",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7901",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-313",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7905",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-317",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7882",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-328",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7898",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-310",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7920",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-321",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7930",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7912",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-319",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7911",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7925",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-323",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7881",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-327",
"trust": 0.7
},
{
"db": "BID",
"id": "107675",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.1113",
"trust": 0.6
},
{
"db": "IVD",
"id": "4D85A7A9-A091-4C59-84E6-73C8B6639498",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2019-6550",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
},
{
"db": "ZDI",
"id": "ZDI-19-322"
},
{
"db": "ZDI",
"id": "ZDI-19-311"
},
{
"db": "ZDI",
"id": "ZDI-19-329"
},
{
"db": "ZDI",
"id": "ZDI-19-325"
},
{
"db": "ZDI",
"id": "ZDI-19-313"
},
{
"db": "ZDI",
"id": "ZDI-19-317"
},
{
"db": "ZDI",
"id": "ZDI-19-328"
},
{
"db": "ZDI",
"id": "ZDI-19-310"
},
{
"db": "ZDI",
"id": "ZDI-19-321"
},
{
"db": "ZDI",
"id": "ZDI-19-330"
},
{
"db": "ZDI",
"id": "ZDI-19-319"
},
{
"db": "ZDI",
"id": "ZDI-19-585"
},
{
"db": "ZDI",
"id": "ZDI-19-323"
},
{
"db": "ZDI",
"id": "ZDI-19-327"
},
{
"db": "CNVD",
"id": "CNVD-2019-08948"
},
{
"db": "VULMON",
"id": "CVE-2019-6550"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-089"
},
{
"db": "NVD",
"id": "CVE-2019-6550"
}
]
},
"id": "VAR-201904-0181",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
},
{
"db": "CNVD",
"id": "CNVD-2019-08948"
}
],
"trust": 1.34667458
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
},
{
"db": "CNVD",
"id": "CNVD-2019-08948"
}
]
},
"last_update_date": "2026-04-10T23:50:53.514000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 5.6,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 3.5,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-091-01"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.us-cert.gov/ics/advisories/ICSA-19-092-01"
},
{
"title": "Patch for Advantech WebAccess/SCADA Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/157945"
},
{
"title": "Advantech WebAccess/SCADA Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91013"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-322"
},
{
"db": "ZDI",
"id": "ZDI-19-311"
},
{
"db": "ZDI",
"id": "ZDI-19-329"
},
{
"db": "ZDI",
"id": "ZDI-19-325"
},
{
"db": "ZDI",
"id": "ZDI-19-313"
},
{
"db": "ZDI",
"id": "ZDI-19-317"
},
{
"db": "ZDI",
"id": "ZDI-19-328"
},
{
"db": "ZDI",
"id": "ZDI-19-310"
},
{
"db": "ZDI",
"id": "ZDI-19-321"
},
{
"db": "ZDI",
"id": "ZDI-19-330"
},
{
"db": "ZDI",
"id": "ZDI-19-319"
},
{
"db": "ZDI",
"id": "ZDI-19-585"
},
{
"db": "ZDI",
"id": "ZDI-19-323"
},
{
"db": "ZDI",
"id": "ZDI-19-327"
},
{
"db": "CNVD",
"id": "CNVD-2019-08948"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-089"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "CWE-787",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-6550"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 8.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-19-092-01"
},
{
"trust": 3.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-19-091-01"
},
{
"trust": 1.7,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-585/"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/107675"
},
{
"trust": 0.7,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-092-01"
},
{
"trust": 0.6,
"url": "https://support.advantech.com/support/downloadsrdetail_new.aspx?sr_id=1-ms9mjv\u0026doc_source=download"
},
{
"trust": 0.6,
"url": "https://www.advantech.com/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-6550"
},
{
"trust": 0.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-330/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/78318"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-322"
},
{
"db": "ZDI",
"id": "ZDI-19-311"
},
{
"db": "ZDI",
"id": "ZDI-19-329"
},
{
"db": "ZDI",
"id": "ZDI-19-325"
},
{
"db": "ZDI",
"id": "ZDI-19-313"
},
{
"db": "ZDI",
"id": "ZDI-19-317"
},
{
"db": "ZDI",
"id": "ZDI-19-328"
},
{
"db": "ZDI",
"id": "ZDI-19-310"
},
{
"db": "ZDI",
"id": "ZDI-19-321"
},
{
"db": "ZDI",
"id": "ZDI-19-330"
},
{
"db": "ZDI",
"id": "ZDI-19-319"
},
{
"db": "ZDI",
"id": "ZDI-19-585"
},
{
"db": "ZDI",
"id": "ZDI-19-323"
},
{
"db": "ZDI",
"id": "ZDI-19-327"
},
{
"db": "CNVD",
"id": "CNVD-2019-08948"
},
{
"db": "VULMON",
"id": "CVE-2019-6550"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-089"
},
{
"db": "NVD",
"id": "CVE-2019-6550"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "4d85a7a9-a091-4c59-84e6-73c8b6639498",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-322",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-311",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-329",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-325",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-313",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-317",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-328",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-310",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-321",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-330",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-319",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-585",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-323",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-327",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2019-08948",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2019-6550",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201904-089",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2019-6550",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2019-04-03T00:00:00",
"db": "IVD",
"id": "4d85a7a9-a091-4c59-84e6-73c8b6639498",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-322",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-311",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-329",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-325",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-313",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-317",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-328",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-310",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-321",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-330",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-319",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-585",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-323",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-327",
"ident": null
},
{
"date": "2019-04-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-08948",
"ident": null
},
{
"date": "2019-04-05T00:00:00",
"db": "VULMON",
"id": "CVE-2019-6550",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-089",
"ident": null
},
{
"date": "2019-04-05T19:29:00.310000",
"db": "NVD",
"id": "CVE-2019-6550",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-322",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-311",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-329",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-325",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-313",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-317",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-328",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-310",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-321",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-330",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-319",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-585",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-323",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-327",
"ident": null
},
{
"date": "2019-04-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-08948",
"ident": null
},
{
"date": "2020-10-06T00:00:00",
"db": "VULMON",
"id": "CVE-2019-6550",
"ident": null
},
{
"date": "2020-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-089",
"ident": null
},
{
"date": "2024-11-21T04:46:40.660000",
"db": "NVD",
"id": "CVE-2019-6550",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-089"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess Node bwthinfl Stack-based Buffer Overflow Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-328"
},
{
"db": "ZDI",
"id": "ZDI-19-321"
}
],
"trust": 1.4
},
"type": {
"_id": null,
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-089"
}
],
"trust": 0.8
}
}
VAR-201601-0038
Vulnerability from variot - Updated: 2026-04-10 23:45Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x2731 IOCTL in the ViewSrv subsystem. A stack-based buffer overflow vulnerability exists in a call to strcpy. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 11.2,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "lt",
"trust": 0.6,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "64dba96e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-090"
},
{
"db": "ZDI",
"id": "ZDI-16-062"
},
{
"db": "ZDI",
"id": "ZDI-16-094"
},
{
"db": "ZDI",
"id": "ZDI-16-051"
},
{
"db": "ZDI",
"id": "ZDI-16-077"
},
{
"db": "ZDI",
"id": "ZDI-16-103"
},
{
"db": "ZDI",
"id": "ZDI-16-114"
},
{
"db": "ZDI",
"id": "ZDI-16-098"
},
{
"db": "ZDI",
"id": "ZDI-16-099"
},
{
"db": "ZDI",
"id": "ZDI-16-048"
},
{
"db": "ZDI",
"id": "ZDI-16-081"
},
{
"db": "ZDI",
"id": "ZDI-16-101"
},
{
"db": "ZDI",
"id": "ZDI-16-117"
},
{
"db": "ZDI",
"id": "ZDI-16-071"
},
{
"db": "ZDI",
"id": "ZDI-16-082"
},
{
"db": "ZDI",
"id": "ZDI-16-076"
},
{
"db": "CNVD",
"id": "CNVD-2016-00434"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-329"
},
{
"db": "NVD",
"id": "CVE-2016-0856"
}
]
},
"credits": {
"_id": null,
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-090"
},
{
"db": "ZDI",
"id": "ZDI-16-062"
},
{
"db": "ZDI",
"id": "ZDI-16-094"
},
{
"db": "ZDI",
"id": "ZDI-16-051"
},
{
"db": "ZDI",
"id": "ZDI-16-077"
},
{
"db": "ZDI",
"id": "ZDI-16-103"
},
{
"db": "ZDI",
"id": "ZDI-16-114"
},
{
"db": "ZDI",
"id": "ZDI-16-098"
},
{
"db": "ZDI",
"id": "ZDI-16-099"
},
{
"db": "ZDI",
"id": "ZDI-16-048"
},
{
"db": "ZDI",
"id": "ZDI-16-081"
},
{
"db": "ZDI",
"id": "ZDI-16-101"
},
{
"db": "ZDI",
"id": "ZDI-16-117"
},
{
"db": "ZDI",
"id": "ZDI-16-071"
},
{
"db": "ZDI",
"id": "ZDI-16-082"
},
{
"db": "ZDI",
"id": "ZDI-16-076"
}
],
"trust": 11.2
},
"cve": "CVE-2016-0856",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0856",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 11.2,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-0856",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-00434",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "64dba96e-2351-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-0856",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2016-0856",
"trust": 11.2,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0856",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2016-00434",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-329",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "64dba96e-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "64dba96e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-090"
},
{
"db": "ZDI",
"id": "ZDI-16-062"
},
{
"db": "ZDI",
"id": "ZDI-16-094"
},
{
"db": "ZDI",
"id": "ZDI-16-051"
},
{
"db": "ZDI",
"id": "ZDI-16-077"
},
{
"db": "ZDI",
"id": "ZDI-16-103"
},
{
"db": "ZDI",
"id": "ZDI-16-114"
},
{
"db": "ZDI",
"id": "ZDI-16-098"
},
{
"db": "ZDI",
"id": "ZDI-16-099"
},
{
"db": "ZDI",
"id": "ZDI-16-048"
},
{
"db": "ZDI",
"id": "ZDI-16-081"
},
{
"db": "ZDI",
"id": "ZDI-16-101"
},
{
"db": "ZDI",
"id": "ZDI-16-117"
},
{
"db": "ZDI",
"id": "ZDI-16-071"
},
{
"db": "ZDI",
"id": "ZDI-16-082"
},
{
"db": "ZDI",
"id": "ZDI-16-076"
},
{
"db": "CNVD",
"id": "CNVD-2016-00434"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-329"
},
{
"db": "NVD",
"id": "CVE-2016-0856"
}
]
},
"description": {
"_id": null,
"data": "Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x2731 IOCTL in the ViewSrv subsystem. A stack-based buffer overflow vulnerability exists in a call to strcpy. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0856"
},
{
"db": "ZDI",
"id": "ZDI-16-090"
},
{
"db": "ZDI",
"id": "ZDI-16-076"
},
{
"db": "ZDI",
"id": "ZDI-16-082"
},
{
"db": "ZDI",
"id": "ZDI-16-071"
},
{
"db": "ZDI",
"id": "ZDI-16-117"
},
{
"db": "ZDI",
"id": "ZDI-16-101"
},
{
"db": "ZDI",
"id": "ZDI-16-081"
},
{
"db": "ZDI",
"id": "ZDI-16-048"
},
{
"db": "ZDI",
"id": "ZDI-16-099"
},
{
"db": "ZDI",
"id": "ZDI-16-098"
},
{
"db": "ZDI",
"id": "ZDI-16-114"
},
{
"db": "ZDI",
"id": "ZDI-16-103"
},
{
"db": "ZDI",
"id": "ZDI-16-077"
},
{
"db": "ZDI",
"id": "ZDI-16-051"
},
{
"db": "ZDI",
"id": "ZDI-16-094"
},
{
"db": "ZDI",
"id": "ZDI-16-062"
},
{
"db": "CNVD",
"id": "CNVD-2016-00434"
},
{
"db": "IVD",
"id": "64dba96e-2351-11e6-abef-000c29c66e3d"
}
],
"trust": 11.7
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2016-0856",
"trust": 13.6
},
{
"db": "ZDI",
"id": "ZDI-16-103",
"trust": 1.7
},
{
"db": "ZDI",
"id": "ZDI-16-114",
"trust": 1.7
},
{
"db": "ZDI",
"id": "ZDI-16-101",
"trust": 1.7
},
{
"db": "ZDI",
"id": "ZDI-16-117",
"trust": 1.7
},
{
"db": "ZDI",
"id": "ZDI-16-108",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-16-113",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-16-112",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-16-116",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-16-100",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-16-111",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-16-118",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-16-115",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-16-106",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-16-120",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-16-110",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-16-102",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-16-109",
"trust": 1.0
},
{
"db": "ICS CERT",
"id": "ICSA-16-014-01",
"trust": 1.0
},
{
"db": "CNVD",
"id": "CNVD-2016-00434",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-329",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3211",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-090",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3239",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-062",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3207",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-094",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3175",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-051",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3224",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-077",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3198",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3186",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3203",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-098",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3202",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-099",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3149",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-048",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3220",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-081",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3200",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3183",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3230",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-071",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3219",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-082",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3225",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-076",
"trust": 0.7
},
{
"db": "CXSECURITY",
"id": "WLB-2018030263",
"trust": 0.6
},
{
"db": "IVD",
"id": "64DBA96E-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "64dba96e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-090"
},
{
"db": "ZDI",
"id": "ZDI-16-062"
},
{
"db": "ZDI",
"id": "ZDI-16-094"
},
{
"db": "ZDI",
"id": "ZDI-16-051"
},
{
"db": "ZDI",
"id": "ZDI-16-077"
},
{
"db": "ZDI",
"id": "ZDI-16-103"
},
{
"db": "ZDI",
"id": "ZDI-16-114"
},
{
"db": "ZDI",
"id": "ZDI-16-098"
},
{
"db": "ZDI",
"id": "ZDI-16-099"
},
{
"db": "ZDI",
"id": "ZDI-16-048"
},
{
"db": "ZDI",
"id": "ZDI-16-081"
},
{
"db": "ZDI",
"id": "ZDI-16-101"
},
{
"db": "ZDI",
"id": "ZDI-16-117"
},
{
"db": "ZDI",
"id": "ZDI-16-071"
},
{
"db": "ZDI",
"id": "ZDI-16-082"
},
{
"db": "ZDI",
"id": "ZDI-16-076"
},
{
"db": "CNVD",
"id": "CNVD-2016-00434"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-329"
},
{
"db": "NVD",
"id": "CVE-2016-0856"
}
]
},
"id": "VAR-201601-0038",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "64dba96e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00434"
}
],
"trust": 1.23470696
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "64dba96e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00434"
}
]
},
"last_update_date": "2026-04-10T23:45:45.755000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 11.2,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01"
},
{
"title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability (CNVD-2016-00434)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/70378"
},
{
"title": "Advantech WebAccess Fixes for stack-based buffer overflow vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59647"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-090"
},
{
"db": "ZDI",
"id": "ZDI-16-062"
},
{
"db": "ZDI",
"id": "ZDI-16-094"
},
{
"db": "ZDI",
"id": "ZDI-16-051"
},
{
"db": "ZDI",
"id": "ZDI-16-077"
},
{
"db": "ZDI",
"id": "ZDI-16-103"
},
{
"db": "ZDI",
"id": "ZDI-16-114"
},
{
"db": "ZDI",
"id": "ZDI-16-098"
},
{
"db": "ZDI",
"id": "ZDI-16-099"
},
{
"db": "ZDI",
"id": "ZDI-16-048"
},
{
"db": "ZDI",
"id": "ZDI-16-081"
},
{
"db": "ZDI",
"id": "ZDI-16-101"
},
{
"db": "ZDI",
"id": "ZDI-16-117"
},
{
"db": "ZDI",
"id": "ZDI-16-071"
},
{
"db": "ZDI",
"id": "ZDI-16-082"
},
{
"db": "ZDI",
"id": "ZDI-16-076"
},
{
"db": "CNVD",
"id": "CNVD-2016-00434"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-329"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0856"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 12.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-014-01"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-114"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-118"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-112"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-108"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-101"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-116"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-113"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-106"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-120"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-100"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-110"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-109"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-111"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-103"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-115"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-117"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-102"
},
{
"trust": 0.6,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0856"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/issue/wlb-2018030263"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-090"
},
{
"db": "ZDI",
"id": "ZDI-16-062"
},
{
"db": "ZDI",
"id": "ZDI-16-094"
},
{
"db": "ZDI",
"id": "ZDI-16-051"
},
{
"db": "ZDI",
"id": "ZDI-16-077"
},
{
"db": "ZDI",
"id": "ZDI-16-103"
},
{
"db": "ZDI",
"id": "ZDI-16-114"
},
{
"db": "ZDI",
"id": "ZDI-16-098"
},
{
"db": "ZDI",
"id": "ZDI-16-099"
},
{
"db": "ZDI",
"id": "ZDI-16-048"
},
{
"db": "ZDI",
"id": "ZDI-16-081"
},
{
"db": "ZDI",
"id": "ZDI-16-101"
},
{
"db": "ZDI",
"id": "ZDI-16-117"
},
{
"db": "ZDI",
"id": "ZDI-16-071"
},
{
"db": "ZDI",
"id": "ZDI-16-082"
},
{
"db": "ZDI",
"id": "ZDI-16-076"
},
{
"db": "CNVD",
"id": "CNVD-2016-00434"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-329"
},
{
"db": "NVD",
"id": "CVE-2016-0856"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "64dba96e-2351-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-090",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-062",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-094",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-051",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-077",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-103",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-114",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-098",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-099",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-048",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-081",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-101",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-117",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-071",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-082",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-076",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2016-00434",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201601-329",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2016-0856",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2016-01-25T00:00:00",
"db": "IVD",
"id": "64dba96e-2351-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-090",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-062",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-094",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-051",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-077",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-103",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-114",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-098",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-099",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-048",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-081",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-101",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-117",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-071",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-082",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-076",
"ident": null
},
{
"date": "2016-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00434",
"ident": null
},
{
"date": "2016-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-329",
"ident": null
},
{
"date": "2016-01-15T03:59:18.250000",
"db": "NVD",
"id": "CVE-2016-0856",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-090",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-062",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-094",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-051",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-077",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-103",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-114",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-098",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-099",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-048",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-081",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-101",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-117",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-071",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-082",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-076",
"ident": null
},
{
"date": "2016-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00434",
"ident": null
},
{
"date": "2021-08-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-329",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-0856",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-329"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess webvrpcs Service BwKrlApi.dll strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-090"
},
{
"db": "ZDI",
"id": "ZDI-16-081"
}
],
"trust": 1.4
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-329"
}
],
"trust": 0.6
}
}
VAR-201801-0151
Vulnerability from variot - Updated: 2026-04-10 23:45A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple instances of a vulnerability that allows too much data to be written to a location on the stack. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability.The specific flaw exists within the parsing of the command line in the BwOpcImg utility. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple denial-of-service vulnerabilities 2. Multiple stack-based buffer-overflow vulnerabilities 3. A directory-traversal vulnerability 4. An SQL-injection vulnerability 5. Failed attacks will cause denial of service conditions. versions prior to Advantech WebAccess 8.3 are vulnerable
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 9.8,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lt",
"trust": 1.6,
"vendor": "advantech",
"version": "8.3"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "7.2"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.0"
},
{
"_id": null,
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.2"
},
{
"_id": null,
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"_id": null,
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-044"
},
{
"db": "ZDI",
"id": "ZDI-18-050"
},
{
"db": "ZDI",
"id": "ZDI-18-053"
},
{
"db": "ZDI",
"id": "ZDI-18-061"
},
{
"db": "ZDI",
"id": "ZDI-18-025"
},
{
"db": "ZDI",
"id": "ZDI-18-047"
},
{
"db": "ZDI",
"id": "ZDI-18-058"
},
{
"db": "ZDI",
"id": "ZDI-18-060"
},
{
"db": "ZDI",
"id": "ZDI-18-049"
},
{
"db": "ZDI",
"id": "ZDI-18-045"
},
{
"db": "ZDI",
"id": "ZDI-18-062"
},
{
"db": "ZDI",
"id": "ZDI-18-043"
},
{
"db": "ZDI",
"id": "ZDI-18-023"
},
{
"db": "ZDI",
"id": "ZDI-18-046"
},
{
"db": "CNVD",
"id": "CNVD-2018-00671"
},
{
"db": "BID",
"id": "102424"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-242"
},
{
"db": "NVD",
"id": "CVE-2017-16724"
}
]
},
"credits": {
"_id": null,
"data": "Steven Seeley (mr_me) of Offensive Security",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-044"
},
{
"db": "ZDI",
"id": "ZDI-18-050"
},
{
"db": "ZDI",
"id": "ZDI-18-053"
},
{
"db": "ZDI",
"id": "ZDI-18-061"
},
{
"db": "ZDI",
"id": "ZDI-18-025"
},
{
"db": "ZDI",
"id": "ZDI-18-047"
},
{
"db": "ZDI",
"id": "ZDI-18-058"
},
{
"db": "ZDI",
"id": "ZDI-18-060"
},
{
"db": "ZDI",
"id": "ZDI-18-049"
},
{
"db": "ZDI",
"id": "ZDI-18-045"
},
{
"db": "ZDI",
"id": "ZDI-18-062"
},
{
"db": "ZDI",
"id": "ZDI-18-043"
},
{
"db": "ZDI",
"id": "ZDI-18-023"
},
{
"db": "ZDI",
"id": "ZDI-18-046"
}
],
"trust": 9.8
},
"cve": "CVE-2017-16724",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-16724",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 9.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-16724",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-16724",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2018-00671",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-16724",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2017-16724",
"trust": 9.1,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2017-16724",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "ZDI",
"id": "CVE-2017-16724",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-00671",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-242",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-044"
},
{
"db": "ZDI",
"id": "ZDI-18-050"
},
{
"db": "ZDI",
"id": "ZDI-18-053"
},
{
"db": "ZDI",
"id": "ZDI-18-061"
},
{
"db": "ZDI",
"id": "ZDI-18-025"
},
{
"db": "ZDI",
"id": "ZDI-18-047"
},
{
"db": "ZDI",
"id": "ZDI-18-058"
},
{
"db": "ZDI",
"id": "ZDI-18-060"
},
{
"db": "ZDI",
"id": "ZDI-18-049"
},
{
"db": "ZDI",
"id": "ZDI-18-045"
},
{
"db": "ZDI",
"id": "ZDI-18-062"
},
{
"db": "ZDI",
"id": "ZDI-18-043"
},
{
"db": "ZDI",
"id": "ZDI-18-023"
},
{
"db": "ZDI",
"id": "ZDI-18-046"
},
{
"db": "CNVD",
"id": "CNVD-2018-00671"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-242"
},
{
"db": "NVD",
"id": "CVE-2017-16724"
}
]
},
"description": {
"_id": null,
"data": "A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple instances of a vulnerability that allows too much data to be written to a location on the stack. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability.The specific flaw exists within the parsing of the command line in the BwOpcImg utility. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple denial-of-service vulnerabilities\n2. Multiple stack-based buffer-overflow vulnerabilities\n3. A directory-traversal vulnerability\n4. An SQL-injection vulnerability\n5. Failed attacks will cause denial of service conditions. \nversions prior to Advantech WebAccess 8.3 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-16724"
},
{
"db": "ZDI",
"id": "ZDI-18-060"
},
{
"db": "ZDI",
"id": "ZDI-18-046"
},
{
"db": "ZDI",
"id": "ZDI-18-023"
},
{
"db": "ZDI",
"id": "ZDI-18-043"
},
{
"db": "ZDI",
"id": "ZDI-18-062"
},
{
"db": "ZDI",
"id": "ZDI-18-045"
},
{
"db": "ZDI",
"id": "ZDI-18-044"
},
{
"db": "ZDI",
"id": "ZDI-18-049"
},
{
"db": "ZDI",
"id": "ZDI-18-058"
},
{
"db": "ZDI",
"id": "ZDI-18-047"
},
{
"db": "ZDI",
"id": "ZDI-18-025"
},
{
"db": "ZDI",
"id": "ZDI-18-061"
},
{
"db": "ZDI",
"id": "ZDI-18-053"
},
{
"db": "ZDI",
"id": "ZDI-18-050"
},
{
"db": "CNVD",
"id": "CNVD-2018-00671"
},
{
"db": "BID",
"id": "102424"
},
{
"db": "IVD",
"id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
}
],
"trust": 10.71
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-16724",
"trust": 12.5
},
{
"db": "BID",
"id": "102424",
"trust": 2.5
},
{
"db": "ICS CERT",
"id": "ICSA-18-004-02",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2018-00671",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-242",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5045",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-044",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5052",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-050",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5054",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-053",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5064",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-061",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4993",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-025",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5048",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-047",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5061",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-058",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5063",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-060",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5050",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-049",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5046",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-045",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5065",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-062",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5044",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-043",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4991",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-023",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5047",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-046",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2E0E08F-39AB-11E9-B1D1-000C29342CB1",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-044"
},
{
"db": "ZDI",
"id": "ZDI-18-050"
},
{
"db": "ZDI",
"id": "ZDI-18-053"
},
{
"db": "ZDI",
"id": "ZDI-18-061"
},
{
"db": "ZDI",
"id": "ZDI-18-025"
},
{
"db": "ZDI",
"id": "ZDI-18-047"
},
{
"db": "ZDI",
"id": "ZDI-18-058"
},
{
"db": "ZDI",
"id": "ZDI-18-060"
},
{
"db": "ZDI",
"id": "ZDI-18-049"
},
{
"db": "ZDI",
"id": "ZDI-18-045"
},
{
"db": "ZDI",
"id": "ZDI-18-062"
},
{
"db": "ZDI",
"id": "ZDI-18-043"
},
{
"db": "ZDI",
"id": "ZDI-18-023"
},
{
"db": "ZDI",
"id": "ZDI-18-046"
},
{
"db": "CNVD",
"id": "CNVD-2018-00671"
},
{
"db": "BID",
"id": "102424"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-242"
},
{
"db": "NVD",
"id": "CVE-2017-16724"
}
]
},
"id": "VAR-201801-0151",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-00671"
}
],
"trust": 1.3972832733333334
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-00671"
}
]
},
"last_update_date": "2026-04-10T23:45:40.671000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 9.8,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-004-02"
},
{
"title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability (CNVD-2018-00671)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/113123"
},
{
"title": "Advantech WebAccess Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=77553"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-044"
},
{
"db": "ZDI",
"id": "ZDI-18-050"
},
{
"db": "ZDI",
"id": "ZDI-18-053"
},
{
"db": "ZDI",
"id": "ZDI-18-061"
},
{
"db": "ZDI",
"id": "ZDI-18-025"
},
{
"db": "ZDI",
"id": "ZDI-18-047"
},
{
"db": "ZDI",
"id": "ZDI-18-058"
},
{
"db": "ZDI",
"id": "ZDI-18-060"
},
{
"db": "ZDI",
"id": "ZDI-18-049"
},
{
"db": "ZDI",
"id": "ZDI-18-045"
},
{
"db": "ZDI",
"id": "ZDI-18-062"
},
{
"db": "ZDI",
"id": "ZDI-18-043"
},
{
"db": "ZDI",
"id": "ZDI-18-023"
},
{
"db": "ZDI",
"id": "ZDI-18-046"
},
{
"db": "CNVD",
"id": "CNVD-2018-00671"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-242"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-16724"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 11.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-004-02"
},
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/102424"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-044"
},
{
"db": "ZDI",
"id": "ZDI-18-050"
},
{
"db": "ZDI",
"id": "ZDI-18-053"
},
{
"db": "ZDI",
"id": "ZDI-18-061"
},
{
"db": "ZDI",
"id": "ZDI-18-025"
},
{
"db": "ZDI",
"id": "ZDI-18-047"
},
{
"db": "ZDI",
"id": "ZDI-18-058"
},
{
"db": "ZDI",
"id": "ZDI-18-060"
},
{
"db": "ZDI",
"id": "ZDI-18-049"
},
{
"db": "ZDI",
"id": "ZDI-18-045"
},
{
"db": "ZDI",
"id": "ZDI-18-062"
},
{
"db": "ZDI",
"id": "ZDI-18-043"
},
{
"db": "ZDI",
"id": "ZDI-18-023"
},
{
"db": "ZDI",
"id": "ZDI-18-046"
},
{
"db": "CNVD",
"id": "CNVD-2018-00671"
},
{
"db": "BID",
"id": "102424"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-242"
},
{
"db": "NVD",
"id": "CVE-2017-16724"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-044",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-050",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-053",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-061",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-025",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-047",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-058",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-060",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-049",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-045",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-062",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-043",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-023",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-046",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-00671",
"ident": null
},
{
"db": "BID",
"id": "102424",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201801-242",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-16724",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-01-10T00:00:00",
"db": "IVD",
"id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-044",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-050",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-053",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-061",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-025",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-047",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-058",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-060",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-049",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-045",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-062",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-043",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-023",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-046",
"ident": null
},
{
"date": "2018-01-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-00671",
"ident": null
},
{
"date": "2018-01-04T00:00:00",
"db": "BID",
"id": "102424",
"ident": null
},
{
"date": "2018-01-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-242",
"ident": null
},
{
"date": "2018-01-05T08:29:00.347000",
"db": "NVD",
"id": "CVE-2017-16724",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-044",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-050",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-053",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-061",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-025",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-047",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-058",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-060",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-049",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-045",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-062",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-043",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-023",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-046",
"ident": null
},
{
"date": "2018-01-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-00671",
"ident": null
},
{
"date": "2018-01-04T00:00:00",
"db": "BID",
"id": "102424",
"ident": null
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-242",
"ident": null
},
{
"date": "2024-11-21T03:16:51.453000",
"db": "NVD",
"id": "CVE-2017-16724",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-242"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess bwwfaa Stack-based Buffer Overflow Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-044"
}
],
"trust": 0.7
},
"type": {
"_id": null,
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-242"
}
],
"trust": 0.8
}
}
VAR-201801-0152
Vulnerability from variot - Updated: 2026-04-10 23:45An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple vulnerabilities that may allow an attacker to cause the program to use an invalid memory address, resulting in a program crash. Advantech WebAccess Is NULL A vulnerability related to pointer dereference exists.Service operation interruption (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x27f2 IOCTL in the webvrpcs process. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A denial of service vulnerability exists in versions prior to Advantech WebAccess 8.3
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 9.8,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lt",
"trust": 2.4,
"vendor": "advantech",
"version": "8.3"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "7.2"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-035"
},
{
"db": "ZDI",
"id": "ZDI-18-012"
},
{
"db": "ZDI",
"id": "ZDI-18-020"
},
{
"db": "ZDI",
"id": "ZDI-18-038"
},
{
"db": "ZDI",
"id": "ZDI-18-039"
},
{
"db": "ZDI",
"id": "ZDI-18-040"
},
{
"db": "ZDI",
"id": "ZDI-18-057"
},
{
"db": "ZDI",
"id": "ZDI-18-017"
},
{
"db": "ZDI",
"id": "ZDI-18-010"
},
{
"db": "ZDI",
"id": "ZDI-18-036"
},
{
"db": "ZDI",
"id": "ZDI-18-016"
},
{
"db": "ZDI",
"id": "ZDI-18-030"
},
{
"db": "ZDI",
"id": "ZDI-18-037"
},
{
"db": "ZDI",
"id": "ZDI-18-015"
},
{
"db": "CNVD",
"id": "CNVD-2018-00673"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-241"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011796"
},
{
"db": "NVD",
"id": "CVE-2017-16728"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011796"
}
]
},
"credits": {
"_id": null,
"data": "Steven Seeley (mr_me) of Offensive Security",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-035"
},
{
"db": "ZDI",
"id": "ZDI-18-012"
},
{
"db": "ZDI",
"id": "ZDI-18-020"
},
{
"db": "ZDI",
"id": "ZDI-18-038"
},
{
"db": "ZDI",
"id": "ZDI-18-039"
},
{
"db": "ZDI",
"id": "ZDI-18-040"
},
{
"db": "ZDI",
"id": "ZDI-18-057"
},
{
"db": "ZDI",
"id": "ZDI-18-017"
},
{
"db": "ZDI",
"id": "ZDI-18-010"
},
{
"db": "ZDI",
"id": "ZDI-18-036"
},
{
"db": "ZDI",
"id": "ZDI-18-016"
},
{
"db": "ZDI",
"id": "ZDI-18-030"
},
{
"db": "ZDI",
"id": "ZDI-18-037"
},
{
"db": "ZDI",
"id": "ZDI-18-015"
}
],
"trust": 9.8
},
"cve": "CVE-2017-16728",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-16728",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 9.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-16728",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-16728",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-00673",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-16728",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2017-16728",
"trust": 9.1,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2017-16728",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-16728",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2017-16728",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-00673",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-241",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-035"
},
{
"db": "ZDI",
"id": "ZDI-18-012"
},
{
"db": "ZDI",
"id": "ZDI-18-020"
},
{
"db": "ZDI",
"id": "ZDI-18-038"
},
{
"db": "ZDI",
"id": "ZDI-18-039"
},
{
"db": "ZDI",
"id": "ZDI-18-040"
},
{
"db": "ZDI",
"id": "ZDI-18-057"
},
{
"db": "ZDI",
"id": "ZDI-18-017"
},
{
"db": "ZDI",
"id": "ZDI-18-010"
},
{
"db": "ZDI",
"id": "ZDI-18-036"
},
{
"db": "ZDI",
"id": "ZDI-18-016"
},
{
"db": "ZDI",
"id": "ZDI-18-030"
},
{
"db": "ZDI",
"id": "ZDI-18-037"
},
{
"db": "ZDI",
"id": "ZDI-18-015"
},
{
"db": "CNVD",
"id": "CNVD-2018-00673"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-241"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011796"
},
{
"db": "NVD",
"id": "CVE-2017-16728"
}
]
},
"description": {
"_id": null,
"data": "An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple vulnerabilities that may allow an attacker to cause the program to use an invalid memory address, resulting in a program crash. Advantech WebAccess Is NULL A vulnerability related to pointer dereference exists.Service operation interruption (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x27f2 IOCTL in the webvrpcs process. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A denial of service vulnerability exists in versions prior to Advantech WebAccess 8.3",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-16728"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011796"
},
{
"db": "ZDI",
"id": "ZDI-18-035"
},
{
"db": "ZDI",
"id": "ZDI-18-015"
},
{
"db": "ZDI",
"id": "ZDI-18-037"
},
{
"db": "ZDI",
"id": "ZDI-18-030"
},
{
"db": "ZDI",
"id": "ZDI-18-016"
},
{
"db": "ZDI",
"id": "ZDI-18-036"
},
{
"db": "ZDI",
"id": "ZDI-18-010"
},
{
"db": "ZDI",
"id": "ZDI-18-017"
},
{
"db": "ZDI",
"id": "ZDI-18-057"
},
{
"db": "ZDI",
"id": "ZDI-18-040"
},
{
"db": "ZDI",
"id": "ZDI-18-039"
},
{
"db": "ZDI",
"id": "ZDI-18-038"
},
{
"db": "ZDI",
"id": "ZDI-18-020"
},
{
"db": "ZDI",
"id": "ZDI-18-012"
},
{
"db": "CNVD",
"id": "CNVD-2018-00673"
},
{
"db": "IVD",
"id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
}
],
"trust": 11.16
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-16728",
"trust": 13.0
},
{
"db": "BID",
"id": "102424",
"trust": 2.2
},
{
"db": "ICS CERT",
"id": "ICSA-18-004-02",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2018-00673",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-241",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-18-004-02A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011796",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5003",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-035",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4959",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-012",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4973",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-020",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5006",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-038",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5007",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-039",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5010",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-040",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5060",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-057",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4964",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-017",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4953",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-010",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5004",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-036",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4963",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-016",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4998",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-030",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5005",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-037",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4962",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-015",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2E1079E-39AB-11E9-9B2B-000C29342CB1",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-035"
},
{
"db": "ZDI",
"id": "ZDI-18-012"
},
{
"db": "ZDI",
"id": "ZDI-18-020"
},
{
"db": "ZDI",
"id": "ZDI-18-038"
},
{
"db": "ZDI",
"id": "ZDI-18-039"
},
{
"db": "ZDI",
"id": "ZDI-18-040"
},
{
"db": "ZDI",
"id": "ZDI-18-057"
},
{
"db": "ZDI",
"id": "ZDI-18-017"
},
{
"db": "ZDI",
"id": "ZDI-18-010"
},
{
"db": "ZDI",
"id": "ZDI-18-036"
},
{
"db": "ZDI",
"id": "ZDI-18-016"
},
{
"db": "ZDI",
"id": "ZDI-18-030"
},
{
"db": "ZDI",
"id": "ZDI-18-037"
},
{
"db": "ZDI",
"id": "ZDI-18-015"
},
{
"db": "CNVD",
"id": "CNVD-2018-00673"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-241"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011796"
},
{
"db": "NVD",
"id": "CVE-2017-16728"
}
]
},
"id": "VAR-201801-0152",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-00673"
}
],
"trust": 1.23470696
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-00673"
}
]
},
"last_update_date": "2026-04-10T23:45:36.615000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 9.8,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-004-02"
},
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Patch for Advantech WebAccess Denial of Service Vulnerability (CNVD-2018-00673)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/113125"
},
{
"title": "Advantech WebAccess Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=77552"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-035"
},
{
"db": "ZDI",
"id": "ZDI-18-012"
},
{
"db": "ZDI",
"id": "ZDI-18-020"
},
{
"db": "ZDI",
"id": "ZDI-18-038"
},
{
"db": "ZDI",
"id": "ZDI-18-039"
},
{
"db": "ZDI",
"id": "ZDI-18-040"
},
{
"db": "ZDI",
"id": "ZDI-18-057"
},
{
"db": "ZDI",
"id": "ZDI-18-017"
},
{
"db": "ZDI",
"id": "ZDI-18-010"
},
{
"db": "ZDI",
"id": "ZDI-18-036"
},
{
"db": "ZDI",
"id": "ZDI-18-016"
},
{
"db": "ZDI",
"id": "ZDI-18-030"
},
{
"db": "ZDI",
"id": "ZDI-18-037"
},
{
"db": "ZDI",
"id": "ZDI-18-015"
},
{
"db": "CNVD",
"id": "CNVD-2018-00673"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-241"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011796"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-476",
"trust": 1.8
},
{
"problemtype": "CWE-822",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011796"
},
{
"db": "NVD",
"id": "CVE-2017-16728"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 11.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-004-02"
},
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/102424"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-16728"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-004-02a"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-16728"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-035"
},
{
"db": "ZDI",
"id": "ZDI-18-012"
},
{
"db": "ZDI",
"id": "ZDI-18-020"
},
{
"db": "ZDI",
"id": "ZDI-18-038"
},
{
"db": "ZDI",
"id": "ZDI-18-039"
},
{
"db": "ZDI",
"id": "ZDI-18-040"
},
{
"db": "ZDI",
"id": "ZDI-18-057"
},
{
"db": "ZDI",
"id": "ZDI-18-017"
},
{
"db": "ZDI",
"id": "ZDI-18-010"
},
{
"db": "ZDI",
"id": "ZDI-18-036"
},
{
"db": "ZDI",
"id": "ZDI-18-016"
},
{
"db": "ZDI",
"id": "ZDI-18-030"
},
{
"db": "ZDI",
"id": "ZDI-18-037"
},
{
"db": "ZDI",
"id": "ZDI-18-015"
},
{
"db": "CNVD",
"id": "CNVD-2018-00673"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-241"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011796"
},
{
"db": "NVD",
"id": "CVE-2017-16728"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-035",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-012",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-020",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-038",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-039",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-040",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-057",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-017",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-010",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-036",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-016",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-030",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-037",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-015",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-00673",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201801-241",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011796",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-16728",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-01-10T00:00:00",
"db": "IVD",
"id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-035",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-012",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-020",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-038",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-039",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-040",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-057",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-017",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-010",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-036",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-016",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-030",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-037",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-015",
"ident": null
},
{
"date": "2018-01-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-00673",
"ident": null
},
{
"date": "2018-01-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-241",
"ident": null
},
{
"date": "2018-01-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011796",
"ident": null
},
{
"date": "2018-01-05T08:29:00.393000",
"db": "NVD",
"id": "CVE-2017-16728",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-035",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-012",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-020",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-038",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-039",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-040",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-057",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-017",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-010",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-036",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-016",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-030",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-037",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-015",
"ident": null
},
{
"date": "2018-01-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-00673",
"ident": null
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-241",
"ident": null
},
{
"date": "2018-01-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011796",
"ident": null
},
{
"date": "2024-11-21T03:16:52.023000",
"db": "NVD",
"id": "CVE-2017-16728",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-241"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess webvrpcs drawsrv Untrusted Pointer Dereference Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-012"
},
{
"db": "ZDI",
"id": "ZDI-18-015"
}
],
"trust": 1.4
},
"type": {
"_id": null,
"data": "Code problem",
"sources": [
{
"db": "IVD",
"id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-241"
}
],
"trust": 0.8
}
}
VAR-201805-1143
Vulnerability from variot - Updated: 2026-04-10 23:45In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several stack-based buffer overflow vulnerabilities have been identified, which may allow an attacker to execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within bwblcmd.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A stack buffer overflow vulnerability exists in several Advantech products. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess node",
"scope": null,
"trust": 9.8,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.3.0"
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess scada",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "2.0.15"
},
{
"_id": null,
"model": "webaccess \u003c=8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.3.0"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.15"
},
{
"_id": null,
"model": "webaccess scada node",
"scope": "lt",
"trust": 0.6,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.3"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.3.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "2.0.15"
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "webaccess",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess dashboard",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess scada",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess nms",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-516"
},
{
"db": "ZDI",
"id": "ZDI-18-519"
},
{
"db": "ZDI",
"id": "ZDI-18-523"
},
{
"db": "ZDI",
"id": "ZDI-18-525"
},
{
"db": "ZDI",
"id": "ZDI-18-509"
},
{
"db": "ZDI",
"id": "ZDI-18-513"
},
{
"db": "ZDI",
"id": "ZDI-18-506"
},
{
"db": "ZDI",
"id": "ZDI-18-503"
},
{
"db": "ZDI",
"id": "ZDI-18-514"
},
{
"db": "ZDI",
"id": "ZDI-18-520"
},
{
"db": "ZDI",
"id": "ZDI-18-498"
},
{
"db": "ZDI",
"id": "ZDI-18-508"
},
{
"db": "ZDI",
"id": "ZDI-18-510"
},
{
"db": "ZDI",
"id": "ZDI-18-524"
},
{
"db": "CNVD",
"id": "CNVD-2018-10713"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-446"
},
{
"db": "NVD",
"id": "CVE-2018-7499"
}
]
},
"credits": {
"_id": null,
"data": "Mat Powell - Trend Micro Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-516"
},
{
"db": "ZDI",
"id": "ZDI-18-519"
},
{
"db": "ZDI",
"id": "ZDI-18-523"
},
{
"db": "ZDI",
"id": "ZDI-18-525"
},
{
"db": "ZDI",
"id": "ZDI-18-509"
},
{
"db": "ZDI",
"id": "ZDI-18-506"
},
{
"db": "ZDI",
"id": "ZDI-18-503"
},
{
"db": "ZDI",
"id": "ZDI-18-514"
},
{
"db": "ZDI",
"id": "ZDI-18-520"
},
{
"db": "ZDI",
"id": "ZDI-18-508"
},
{
"db": "ZDI",
"id": "ZDI-18-510"
},
{
"db": "ZDI",
"id": "ZDI-18-524"
}
],
"trust": 8.4
},
"cve": "CVE-2018-7499",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-7499",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 9.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-7499",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-10713",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-137531",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-7499",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2018-7499",
"trust": 9.8,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2018-7499",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-10713",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-446",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-137531",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-516"
},
{
"db": "ZDI",
"id": "ZDI-18-519"
},
{
"db": "ZDI",
"id": "ZDI-18-523"
},
{
"db": "ZDI",
"id": "ZDI-18-525"
},
{
"db": "ZDI",
"id": "ZDI-18-509"
},
{
"db": "ZDI",
"id": "ZDI-18-513"
},
{
"db": "ZDI",
"id": "ZDI-18-506"
},
{
"db": "ZDI",
"id": "ZDI-18-503"
},
{
"db": "ZDI",
"id": "ZDI-18-514"
},
{
"db": "ZDI",
"id": "ZDI-18-520"
},
{
"db": "ZDI",
"id": "ZDI-18-498"
},
{
"db": "ZDI",
"id": "ZDI-18-508"
},
{
"db": "ZDI",
"id": "ZDI-18-510"
},
{
"db": "ZDI",
"id": "ZDI-18-524"
},
{
"db": "CNVD",
"id": "CNVD-2018-10713"
},
{
"db": "VULHUB",
"id": "VHN-137531"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-446"
},
{
"db": "NVD",
"id": "CVE-2018-7499"
}
]
},
"description": {
"_id": null,
"data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several stack-based buffer overflow vulnerabilities have been identified, which may allow an attacker to execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within bwblcmd.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A stack buffer overflow vulnerability exists in several Advantech products. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7499"
},
{
"db": "ZDI",
"id": "ZDI-18-503"
},
{
"db": "ZDI",
"id": "ZDI-18-524"
},
{
"db": "ZDI",
"id": "ZDI-18-510"
},
{
"db": "ZDI",
"id": "ZDI-18-508"
},
{
"db": "ZDI",
"id": "ZDI-18-498"
},
{
"db": "ZDI",
"id": "ZDI-18-520"
},
{
"db": "ZDI",
"id": "ZDI-18-516"
},
{
"db": "ZDI",
"id": "ZDI-18-514"
},
{
"db": "ZDI",
"id": "ZDI-18-506"
},
{
"db": "ZDI",
"id": "ZDI-18-513"
},
{
"db": "ZDI",
"id": "ZDI-18-509"
},
{
"db": "ZDI",
"id": "ZDI-18-525"
},
{
"db": "ZDI",
"id": "ZDI-18-523"
},
{
"db": "ZDI",
"id": "ZDI-18-519"
},
{
"db": "CNVD",
"id": "CNVD-2018-10713"
},
{
"db": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-137531"
}
],
"trust": 10.53
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-7499",
"trust": 12.3
},
{
"db": "ICS CERT",
"id": "ICSA-18-135-01",
"trust": 2.3
},
{
"db": "BID",
"id": "104190",
"trust": 1.7
},
{
"db": "CNVD",
"id": "CNVD-2018-10713",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-446",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5691",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-516",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5694",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-519",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5698",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-523",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5700",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-525",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5684",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-509",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5688",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-513",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5681",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-506",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5678",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-503",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5689",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-514",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5695",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-520",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5663",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-498",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5683",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-508",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5685",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-510",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5699",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-524",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2F10D30-39AB-11E9-AE57-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-137531",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-516"
},
{
"db": "ZDI",
"id": "ZDI-18-519"
},
{
"db": "ZDI",
"id": "ZDI-18-523"
},
{
"db": "ZDI",
"id": "ZDI-18-525"
},
{
"db": "ZDI",
"id": "ZDI-18-509"
},
{
"db": "ZDI",
"id": "ZDI-18-513"
},
{
"db": "ZDI",
"id": "ZDI-18-506"
},
{
"db": "ZDI",
"id": "ZDI-18-503"
},
{
"db": "ZDI",
"id": "ZDI-18-514"
},
{
"db": "ZDI",
"id": "ZDI-18-520"
},
{
"db": "ZDI",
"id": "ZDI-18-498"
},
{
"db": "ZDI",
"id": "ZDI-18-508"
},
{
"db": "ZDI",
"id": "ZDI-18-510"
},
{
"db": "ZDI",
"id": "ZDI-18-524"
},
{
"db": "CNVD",
"id": "CNVD-2018-10713"
},
{
"db": "VULHUB",
"id": "VHN-137531"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-446"
},
{
"db": "NVD",
"id": "CVE-2018-7499"
}
]
},
"id": "VAR-201805-1143",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10713"
},
{
"db": "VULHUB",
"id": "VHN-137531"
}
],
"trust": 1.5316815933333334
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10713"
}
]
},
"last_update_date": "2026-04-10T23:45:35.471000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 9.8,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
},
{
"title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability (CNVD-2018-10713)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/130743"
},
{
"title": "Multiple Advantech Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80056"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-516"
},
{
"db": "ZDI",
"id": "ZDI-18-519"
},
{
"db": "ZDI",
"id": "ZDI-18-523"
},
{
"db": "ZDI",
"id": "ZDI-18-525"
},
{
"db": "ZDI",
"id": "ZDI-18-509"
},
{
"db": "ZDI",
"id": "ZDI-18-513"
},
{
"db": "ZDI",
"id": "ZDI-18-506"
},
{
"db": "ZDI",
"id": "ZDI-18-503"
},
{
"db": "ZDI",
"id": "ZDI-18-514"
},
{
"db": "ZDI",
"id": "ZDI-18-520"
},
{
"db": "ZDI",
"id": "ZDI-18-498"
},
{
"db": "ZDI",
"id": "ZDI-18-508"
},
{
"db": "ZDI",
"id": "ZDI-18-510"
},
{
"db": "ZDI",
"id": "ZDI-18-524"
},
{
"db": "CNVD",
"id": "CNVD-2018-10713"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-446"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137531"
},
{
"db": "NVD",
"id": "CVE-2018-7499"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 12.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/104190"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-516"
},
{
"db": "ZDI",
"id": "ZDI-18-519"
},
{
"db": "ZDI",
"id": "ZDI-18-523"
},
{
"db": "ZDI",
"id": "ZDI-18-525"
},
{
"db": "ZDI",
"id": "ZDI-18-509"
},
{
"db": "ZDI",
"id": "ZDI-18-513"
},
{
"db": "ZDI",
"id": "ZDI-18-506"
},
{
"db": "ZDI",
"id": "ZDI-18-503"
},
{
"db": "ZDI",
"id": "ZDI-18-514"
},
{
"db": "ZDI",
"id": "ZDI-18-520"
},
{
"db": "ZDI",
"id": "ZDI-18-498"
},
{
"db": "ZDI",
"id": "ZDI-18-508"
},
{
"db": "ZDI",
"id": "ZDI-18-510"
},
{
"db": "ZDI",
"id": "ZDI-18-524"
},
{
"db": "CNVD",
"id": "CNVD-2018-10713"
},
{
"db": "VULHUB",
"id": "VHN-137531"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-446"
},
{
"db": "NVD",
"id": "CVE-2018-7499"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-516",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-519",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-523",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-525",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-509",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-513",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-506",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-503",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-514",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-520",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-498",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-508",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-510",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-524",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-10713",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-137531",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201805-446",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-7499",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-05-31T00:00:00",
"db": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-516",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-519",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-523",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-525",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-509",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-513",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-506",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-503",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-514",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-520",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-498",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-508",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-510",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-524",
"ident": null
},
{
"date": "2018-05-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10713",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "VULHUB",
"id": "VHN-137531",
"ident": null
},
{
"date": "2018-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-446",
"ident": null
},
{
"date": "2018-05-15T22:29:00.503000",
"db": "NVD",
"id": "CVE-2018-7499",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-516",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-519",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-523",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-525",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-509",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-513",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-506",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-503",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-514",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-520",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-498",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-508",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-510",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-524",
"ident": null
},
{
"date": "2018-05-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10713",
"ident": null
},
{
"date": "2020-10-02T00:00:00",
"db": "VULHUB",
"id": "VHN-137531",
"ident": null
},
{
"date": "2020-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-446",
"ident": null
},
{
"date": "2024-11-21T04:12:15.050000",
"db": "NVD",
"id": "CVE-2018-7499",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-446"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess Node bwsound Stack-based Buffer Overflow Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-523"
},
{
"db": "ZDI",
"id": "ZDI-18-514"
}
],
"trust": 1.4
},
"type": {
"_id": null,
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-446"
}
],
"trust": 0.8
}
}
VAR-201805-1144
Vulnerability from variot - Updated: 2026-04-10 23:45In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several SQL injection vulnerabilities have been identified, which may allow an attacker to disclose sensitive information from the host. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.The specific flaw exists within the handling of the GetTrendDetail function in BWMobileService.dll. When parsing the ProjectName parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose sensitive information under the context of the database. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). SQL injection vulnerabilities exist in several Advantech products. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess node",
"scope": null,
"trust": 9.8,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.3.0"
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": "webaccess scada",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "2.0.15"
},
{
"_id": null,
"model": "webaccess \u003c=8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.3.0"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.15"
},
{
"_id": null,
"model": "webaccess scada node",
"scope": "lt",
"trust": 0.6,
"vendor": "advantech",
"version": "8.3.1"
},
{
"_id": null,
"model": "webaccess/nms",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=2.0.3"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.3.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess dashboard",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "2.0.15"
},
{
"_id": null,
"model": "webaccess\\/nms",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "2.0.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "webaccess",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess dashboard",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess scada",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess nms",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-481"
},
{
"db": "ZDI",
"id": "ZDI-18-489"
},
{
"db": "ZDI",
"id": "ZDI-18-485"
},
{
"db": "ZDI",
"id": "ZDI-18-488"
},
{
"db": "ZDI",
"id": "ZDI-18-486"
},
{
"db": "ZDI",
"id": "ZDI-18-479"
},
{
"db": "ZDI",
"id": "ZDI-18-474"
},
{
"db": "ZDI",
"id": "ZDI-18-478"
},
{
"db": "ZDI",
"id": "ZDI-18-553"
},
{
"db": "ZDI",
"id": "ZDI-18-476"
},
{
"db": "ZDI",
"id": "ZDI-18-482"
},
{
"db": "ZDI",
"id": "ZDI-18-472"
},
{
"db": "ZDI",
"id": "ZDI-18-477"
},
{
"db": "ZDI",
"id": "ZDI-18-473"
},
{
"db": "CNVD",
"id": "CNVD-2018-10317"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-445"
},
{
"db": "NVD",
"id": "CVE-2018-7501"
}
]
},
"credits": {
"_id": null,
"data": "rgod",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-481"
},
{
"db": "ZDI",
"id": "ZDI-18-489"
},
{
"db": "ZDI",
"id": "ZDI-18-485"
},
{
"db": "ZDI",
"id": "ZDI-18-488"
},
{
"db": "ZDI",
"id": "ZDI-18-486"
},
{
"db": "ZDI",
"id": "ZDI-18-479"
},
{
"db": "ZDI",
"id": "ZDI-18-474"
},
{
"db": "ZDI",
"id": "ZDI-18-478"
},
{
"db": "ZDI",
"id": "ZDI-18-553"
},
{
"db": "ZDI",
"id": "ZDI-18-476"
},
{
"db": "ZDI",
"id": "ZDI-18-482"
},
{
"db": "ZDI",
"id": "ZDI-18-472"
},
{
"db": "ZDI",
"id": "ZDI-18-477"
},
{
"db": "ZDI",
"id": "ZDI-18-473"
}
],
"trust": 9.8
},
"cve": "CVE-2018-7501",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2018-7501",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 8.4,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-7501",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 2.4,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2018-10317",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-137533",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-7501",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2018-7501",
"trust": 9.8,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2018-7501",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-10317",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-445",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-137533",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-481"
},
{
"db": "ZDI",
"id": "ZDI-18-489"
},
{
"db": "ZDI",
"id": "ZDI-18-485"
},
{
"db": "ZDI",
"id": "ZDI-18-488"
},
{
"db": "ZDI",
"id": "ZDI-18-486"
},
{
"db": "ZDI",
"id": "ZDI-18-479"
},
{
"db": "ZDI",
"id": "ZDI-18-474"
},
{
"db": "ZDI",
"id": "ZDI-18-478"
},
{
"db": "ZDI",
"id": "ZDI-18-553"
},
{
"db": "ZDI",
"id": "ZDI-18-476"
},
{
"db": "ZDI",
"id": "ZDI-18-482"
},
{
"db": "ZDI",
"id": "ZDI-18-472"
},
{
"db": "ZDI",
"id": "ZDI-18-477"
},
{
"db": "ZDI",
"id": "ZDI-18-473"
},
{
"db": "CNVD",
"id": "CNVD-2018-10317"
},
{
"db": "VULHUB",
"id": "VHN-137533"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-445"
},
{
"db": "NVD",
"id": "CVE-2018-7501"
}
]
},
"description": {
"_id": null,
"data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several SQL injection vulnerabilities have been identified, which may allow an attacker to disclose sensitive information from the host. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.The specific flaw exists within the handling of the GetTrendDetail function in BWMobileService.dll. When parsing the ProjectName parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose sensitive information under the context of the database. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). SQL injection vulnerabilities exist in several Advantech products. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7501"
},
{
"db": "ZDI",
"id": "ZDI-18-478"
},
{
"db": "ZDI",
"id": "ZDI-18-473"
},
{
"db": "ZDI",
"id": "ZDI-18-477"
},
{
"db": "ZDI",
"id": "ZDI-18-472"
},
{
"db": "ZDI",
"id": "ZDI-18-482"
},
{
"db": "ZDI",
"id": "ZDI-18-476"
},
{
"db": "ZDI",
"id": "ZDI-18-481"
},
{
"db": "ZDI",
"id": "ZDI-18-553"
},
{
"db": "ZDI",
"id": "ZDI-18-474"
},
{
"db": "ZDI",
"id": "ZDI-18-479"
},
{
"db": "ZDI",
"id": "ZDI-18-486"
},
{
"db": "ZDI",
"id": "ZDI-18-488"
},
{
"db": "ZDI",
"id": "ZDI-18-485"
},
{
"db": "ZDI",
"id": "ZDI-18-489"
},
{
"db": "CNVD",
"id": "CNVD-2018-10317"
},
{
"db": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-137533"
}
],
"trust": 10.53
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-7501",
"trust": 12.3
},
{
"db": "ICS CERT",
"id": "ICSA-18-135-01",
"trust": 2.3
},
{
"db": "BID",
"id": "104190",
"trust": 2.3
},
{
"db": "CNNVD",
"id": "CNNVD-201805-445",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-10317",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5611",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-481",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5653",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-489",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5649",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-485",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5652",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-488",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5650",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-486",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5609",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-479",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5597",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-474",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5608",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-478",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5590",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-553",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5606",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-476",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5612",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-482",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5519",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-472",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5607",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-477",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5596",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-473",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2F022CF-39AB-11E9-A809-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-137533",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-481"
},
{
"db": "ZDI",
"id": "ZDI-18-489"
},
{
"db": "ZDI",
"id": "ZDI-18-485"
},
{
"db": "ZDI",
"id": "ZDI-18-488"
},
{
"db": "ZDI",
"id": "ZDI-18-486"
},
{
"db": "ZDI",
"id": "ZDI-18-479"
},
{
"db": "ZDI",
"id": "ZDI-18-474"
},
{
"db": "ZDI",
"id": "ZDI-18-478"
},
{
"db": "ZDI",
"id": "ZDI-18-553"
},
{
"db": "ZDI",
"id": "ZDI-18-476"
},
{
"db": "ZDI",
"id": "ZDI-18-482"
},
{
"db": "ZDI",
"id": "ZDI-18-472"
},
{
"db": "ZDI",
"id": "ZDI-18-477"
},
{
"db": "ZDI",
"id": "ZDI-18-473"
},
{
"db": "CNVD",
"id": "CNVD-2018-10317"
},
{
"db": "VULHUB",
"id": "VHN-137533"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-445"
},
{
"db": "NVD",
"id": "CVE-2018-7501"
}
]
},
"id": "VAR-201805-1144",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10317"
},
{
"db": "VULHUB",
"id": "VHN-137533"
}
],
"trust": 1.5316815933333334
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-10317"
}
]
},
"last_update_date": "2026-04-10T23:45:35.332000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 9.8,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
},
{
"title": "Patch for Advantech WebAccess SQL Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/130233"
},
{
"title": "Multiple Advantech product SQL Repair measures for injecting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80055"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-481"
},
{
"db": "ZDI",
"id": "ZDI-18-489"
},
{
"db": "ZDI",
"id": "ZDI-18-485"
},
{
"db": "ZDI",
"id": "ZDI-18-488"
},
{
"db": "ZDI",
"id": "ZDI-18-486"
},
{
"db": "ZDI",
"id": "ZDI-18-479"
},
{
"db": "ZDI",
"id": "ZDI-18-474"
},
{
"db": "ZDI",
"id": "ZDI-18-478"
},
{
"db": "ZDI",
"id": "ZDI-18-553"
},
{
"db": "ZDI",
"id": "ZDI-18-476"
},
{
"db": "ZDI",
"id": "ZDI-18-482"
},
{
"db": "ZDI",
"id": "ZDI-18-472"
},
{
"db": "ZDI",
"id": "ZDI-18-477"
},
{
"db": "ZDI",
"id": "ZDI-18-473"
},
{
"db": "CNVD",
"id": "CNVD-2018-10317"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-445"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-89",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137533"
},
{
"db": "NVD",
"id": "CVE-2018-7501"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 12.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/104190"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-481"
},
{
"db": "ZDI",
"id": "ZDI-18-489"
},
{
"db": "ZDI",
"id": "ZDI-18-485"
},
{
"db": "ZDI",
"id": "ZDI-18-488"
},
{
"db": "ZDI",
"id": "ZDI-18-486"
},
{
"db": "ZDI",
"id": "ZDI-18-479"
},
{
"db": "ZDI",
"id": "ZDI-18-474"
},
{
"db": "ZDI",
"id": "ZDI-18-478"
},
{
"db": "ZDI",
"id": "ZDI-18-553"
},
{
"db": "ZDI",
"id": "ZDI-18-476"
},
{
"db": "ZDI",
"id": "ZDI-18-482"
},
{
"db": "ZDI",
"id": "ZDI-18-472"
},
{
"db": "ZDI",
"id": "ZDI-18-477"
},
{
"db": "ZDI",
"id": "ZDI-18-473"
},
{
"db": "CNVD",
"id": "CNVD-2018-10317"
},
{
"db": "VULHUB",
"id": "VHN-137533"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-445"
},
{
"db": "NVD",
"id": "CVE-2018-7501"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-481",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-489",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-485",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-488",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-486",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-479",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-474",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-478",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-553",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-476",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-482",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-472",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-477",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-473",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-10317",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-137533",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201805-445",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-7501",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-05-25T00:00:00",
"db": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-481",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-489",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-485",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-488",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-486",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-479",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-474",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-478",
"ident": null
},
{
"date": "2018-06-08T00:00:00",
"db": "ZDI",
"id": "ZDI-18-553",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-476",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-482",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-472",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-477",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-473",
"ident": null
},
{
"date": "2018-05-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10317",
"ident": null
},
{
"date": "2018-05-15T00:00:00",
"db": "VULHUB",
"id": "VHN-137533",
"ident": null
},
{
"date": "2018-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-445",
"ident": null
},
{
"date": "2018-05-15T22:29:00.567000",
"db": "NVD",
"id": "CVE-2018-7501",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-481",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-489",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-485",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-488",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-486",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-479",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-474",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-478",
"ident": null
},
{
"date": "2018-06-08T00:00:00",
"db": "ZDI",
"id": "ZDI-18-553",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-476",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-482",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-472",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-477",
"ident": null
},
{
"date": "2018-05-18T00:00:00",
"db": "ZDI",
"id": "ZDI-18-473",
"ident": null
},
{
"date": "2018-05-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10317",
"ident": null
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-137533",
"ident": null
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-445",
"ident": null
},
{
"date": "2024-11-21T04:12:15.263000",
"db": "NVD",
"id": "CVE-2018-7501",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-445"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess Node BWSCADASoap GetAlarms SQL Injection Information Disclosure Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-481"
}
],
"trust": 0.7
},
"type": {
"_id": null,
"data": "SQL injection",
"sources": [
{
"db": "IVD",
"id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-445"
}
],
"trust": 0.8
}
}
VAR-201906-1029
Vulnerability from variot - Updated: 2026-04-10 23:38In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code. WebAccess/SCADA Is NULL A vulnerability related to pointer dereference exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2776 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following security vulnerabilities: 1. A directory-traversal vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. Multiple heap-based buffer-overflow vulnerabilities 4. An information disclosure vulnerability 5. Multiple remote-code execution vulnerabilities An attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences (â??../â??) to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks. Advantech WebAccess/SCADA Versions 8.3.5 and prior versions are vulnerable
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 9.1,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.3.5"
},
{
"_id": null,
"model": "webaccess/scada",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.3.5"
},
{
"_id": null,
"model": "webaccess/scada",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3.5"
},
{
"_id": null,
"model": "webaccess/scada",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3.4"
},
{
"_id": null,
"model": "webaccess/scada",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3.2"
},
{
"_id": null,
"model": "webaccess/scada",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"_id": null,
"model": "webaccess/scada",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess/scada",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.0"
},
{
"_id": null,
"model": "webaccess/scada",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "7.2"
},
{
"_id": null,
"model": "webaccess/scada",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.4.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
},
{
"db": "ZDI",
"id": "ZDI-19-599"
},
{
"db": "ZDI",
"id": "ZDI-19-613"
},
{
"db": "ZDI",
"id": "ZDI-19-610"
},
{
"db": "ZDI",
"id": "ZDI-19-616"
},
{
"db": "ZDI",
"id": "ZDI-19-595"
},
{
"db": "ZDI",
"id": "ZDI-19-611"
},
{
"db": "ZDI",
"id": "ZDI-19-612"
},
{
"db": "ZDI",
"id": "ZDI-19-602"
},
{
"db": "ZDI",
"id": "ZDI-19-603"
},
{
"db": "ZDI",
"id": "ZDI-19-617"
},
{
"db": "ZDI",
"id": "ZDI-19-615"
},
{
"db": "ZDI",
"id": "ZDI-19-607"
},
{
"db": "ZDI",
"id": "ZDI-19-623"
},
{
"db": "CNVD",
"id": "CNVD-2019-32473"
},
{
"db": "BID",
"id": "108923"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005812"
},
{
"db": "NVD",
"id": "CVE-2019-10993"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-005812"
}
]
},
"credits": {
"_id": null,
"data": "Natnael Samson (@NattiSamson)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-599"
},
{
"db": "ZDI",
"id": "ZDI-19-613"
},
{
"db": "ZDI",
"id": "ZDI-19-610"
},
{
"db": "ZDI",
"id": "ZDI-19-616"
},
{
"db": "ZDI",
"id": "ZDI-19-595"
},
{
"db": "ZDI",
"id": "ZDI-19-611"
},
{
"db": "ZDI",
"id": "ZDI-19-612"
},
{
"db": "ZDI",
"id": "ZDI-19-602"
},
{
"db": "ZDI",
"id": "ZDI-19-603"
},
{
"db": "ZDI",
"id": "ZDI-19-617"
},
{
"db": "ZDI",
"id": "ZDI-19-615"
},
{
"db": "ZDI",
"id": "ZDI-19-607"
}
],
"trust": 8.4
},
"cve": "CVE-2019-10993",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-10993",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-32473",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10993",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 9.1,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10993",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10993",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2019-10993",
"trust": 9.1,
"value": "CRITICAL"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10993",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-10993",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2019-32473",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201906-1077",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
},
{
"db": "ZDI",
"id": "ZDI-19-599"
},
{
"db": "ZDI",
"id": "ZDI-19-613"
},
{
"db": "ZDI",
"id": "ZDI-19-610"
},
{
"db": "ZDI",
"id": "ZDI-19-616"
},
{
"db": "ZDI",
"id": "ZDI-19-595"
},
{
"db": "ZDI",
"id": "ZDI-19-611"
},
{
"db": "ZDI",
"id": "ZDI-19-612"
},
{
"db": "ZDI",
"id": "ZDI-19-602"
},
{
"db": "ZDI",
"id": "ZDI-19-603"
},
{
"db": "ZDI",
"id": "ZDI-19-617"
},
{
"db": "ZDI",
"id": "ZDI-19-615"
},
{
"db": "ZDI",
"id": "ZDI-19-607"
},
{
"db": "ZDI",
"id": "ZDI-19-623"
},
{
"db": "CNVD",
"id": "CNVD-2019-32473"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-1077"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005812"
},
{
"db": "NVD",
"id": "CVE-2019-10993"
}
]
},
"description": {
"_id": null,
"data": "In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code. WebAccess/SCADA Is NULL A vulnerability related to pointer dereference exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2776 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following security vulnerabilities:\n1. A directory-traversal vulnerability\n2. Multiple stack-based buffer-overflow vulnerabilities\n3. Multiple heap-based buffer-overflow vulnerabilities\n4. An information disclosure vulnerability\n5. Multiple remote-code execution vulnerabilities\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences (\u00e2??../\u00e2??) to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks. \nAdvantech WebAccess/SCADA Versions 8.3.5 and prior versions are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10993"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005812"
},
{
"db": "ZDI",
"id": "ZDI-19-602"
},
{
"db": "ZDI",
"id": "ZDI-19-623"
},
{
"db": "ZDI",
"id": "ZDI-19-607"
},
{
"db": "ZDI",
"id": "ZDI-19-615"
},
{
"db": "ZDI",
"id": "ZDI-19-617"
},
{
"db": "ZDI",
"id": "ZDI-19-599"
},
{
"db": "ZDI",
"id": "ZDI-19-603"
},
{
"db": "ZDI",
"id": "ZDI-19-612"
},
{
"db": "ZDI",
"id": "ZDI-19-611"
},
{
"db": "ZDI",
"id": "ZDI-19-595"
},
{
"db": "ZDI",
"id": "ZDI-19-616"
},
{
"db": "ZDI",
"id": "ZDI-19-610"
},
{
"db": "ZDI",
"id": "ZDI-19-613"
},
{
"db": "CNVD",
"id": "CNVD-2019-32473"
},
{
"db": "BID",
"id": "108923"
},
{
"db": "IVD",
"id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
}
],
"trust": 10.8
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2019-10993",
"trust": 12.6
},
{
"db": "ICS CERT",
"id": "ICSA-19-178-05",
"trust": 2.7
},
{
"db": "ZDI",
"id": "ZDI-19-613",
"trust": 2.3
},
{
"db": "ZDI",
"id": "ZDI-19-616",
"trust": 2.3
},
{
"db": "ZDI",
"id": "ZDI-19-611",
"trust": 2.3
},
{
"db": "ZDI",
"id": "ZDI-19-612",
"trust": 2.3
},
{
"db": "ZDI",
"id": "ZDI-19-602",
"trust": 2.3
},
{
"db": "ZDI",
"id": "ZDI-19-603",
"trust": 2.3
},
{
"db": "ZDI",
"id": "ZDI-19-617",
"trust": 2.3
},
{
"db": "ZDI",
"id": "ZDI-19-615",
"trust": 2.3
},
{
"db": "ZDI",
"id": "ZDI-19-607",
"trust": 2.3
},
{
"db": "ZDI",
"id": "ZDI-19-623",
"trust": 2.3
},
{
"db": "ZDI",
"id": "ZDI-19-618",
"trust": 1.6
},
{
"db": "ZDI",
"id": "ZDI-19-606",
"trust": 1.6
},
{
"db": "ZDI",
"id": "ZDI-19-614",
"trust": 1.6
},
{
"db": "ZDI",
"id": "ZDI-19-597",
"trust": 1.6
},
{
"db": "ZDI",
"id": "ZDI-19-605",
"trust": 1.6
},
{
"db": "ZDI",
"id": "ZDI-19-601",
"trust": 1.6
},
{
"db": "ZDI",
"id": "ZDI-19-598",
"trust": 1.6
},
{
"db": "BID",
"id": "108923",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2019-32473",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201906-1077",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005812",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-8129",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-599",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-8146",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-8143",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-610",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-8150",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-8118",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-595",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-8144",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-8145",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-8135",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-8136",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-8151",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-8148",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-8140",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-8119",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.2350",
"trust": 0.6
},
{
"db": "IVD",
"id": "D5DCD84F-1ACA-4DC3-AC16-D5C7C3DD4D07",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
},
{
"db": "ZDI",
"id": "ZDI-19-599"
},
{
"db": "ZDI",
"id": "ZDI-19-613"
},
{
"db": "ZDI",
"id": "ZDI-19-610"
},
{
"db": "ZDI",
"id": "ZDI-19-616"
},
{
"db": "ZDI",
"id": "ZDI-19-595"
},
{
"db": "ZDI",
"id": "ZDI-19-611"
},
{
"db": "ZDI",
"id": "ZDI-19-612"
},
{
"db": "ZDI",
"id": "ZDI-19-602"
},
{
"db": "ZDI",
"id": "ZDI-19-603"
},
{
"db": "ZDI",
"id": "ZDI-19-617"
},
{
"db": "ZDI",
"id": "ZDI-19-615"
},
{
"db": "ZDI",
"id": "ZDI-19-607"
},
{
"db": "ZDI",
"id": "ZDI-19-623"
},
{
"db": "CNVD",
"id": "CNVD-2019-32473"
},
{
"db": "BID",
"id": "108923"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-1077"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005812"
},
{
"db": "NVD",
"id": "CVE-2019-10993"
}
]
},
"id": "VAR-201906-1029",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
},
{
"db": "CNVD",
"id": "CNVD-2019-32473"
}
],
"trust": 1.34667458
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
},
{
"db": "CNVD",
"id": "CNVD-2019-32473"
}
]
},
"last_update_date": "2026-04-10T23:38:39.157000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 9.1,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
},
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "https://www.advantech.co.jp/industrial-automation/webaccess"
},
{
"title": "Patch for Advantech WebAccess/SCADA arbitrary code execution vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/181487"
},
{
"title": "Advantech WebAccess/SCADA Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94180"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-599"
},
{
"db": "ZDI",
"id": "ZDI-19-613"
},
{
"db": "ZDI",
"id": "ZDI-19-610"
},
{
"db": "ZDI",
"id": "ZDI-19-616"
},
{
"db": "ZDI",
"id": "ZDI-19-595"
},
{
"db": "ZDI",
"id": "ZDI-19-611"
},
{
"db": "ZDI",
"id": "ZDI-19-612"
},
{
"db": "ZDI",
"id": "ZDI-19-602"
},
{
"db": "ZDI",
"id": "ZDI-19-603"
},
{
"db": "ZDI",
"id": "ZDI-19-617"
},
{
"db": "ZDI",
"id": "ZDI-19-615"
},
{
"db": "ZDI",
"id": "ZDI-19-607"
},
{
"db": "ZDI",
"id": "ZDI-19-623"
},
{
"db": "CNVD",
"id": "CNVD-2019-32473"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-1077"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005812"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.0
},
{
"problemtype": "CWE-476",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-005812"
},
{
"db": "NVD",
"id": "CVE-2019-10993"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 11.8,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
},
{
"trust": 2.2,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-623/"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10993"
},
{
"trust": 1.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-597/"
},
{
"trust": 1.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-611/"
},
{
"trust": 1.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-601/"
},
{
"trust": 1.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-612/"
},
{
"trust": 1.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-598/"
},
{
"trust": 1.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-615/"
},
{
"trust": 1.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-605/"
},
{
"trust": 1.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-616/"
},
{
"trust": 1.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-602/"
},
{
"trust": 1.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-613/"
},
{
"trust": 1.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-603/"
},
{
"trust": 1.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-614/"
},
{
"trust": 1.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-606/"
},
{
"trust": 1.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-617/"
},
{
"trust": 1.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-607/"
},
{
"trust": 1.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-618/"
},
{
"trust": 0.9,
"url": "http://webaccess.advantech.com"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10993"
},
{
"trust": 0.6,
"url": "https://www.securityfocus.com/bid/108923"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2350/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-599"
},
{
"db": "ZDI",
"id": "ZDI-19-613"
},
{
"db": "ZDI",
"id": "ZDI-19-610"
},
{
"db": "ZDI",
"id": "ZDI-19-616"
},
{
"db": "ZDI",
"id": "ZDI-19-595"
},
{
"db": "ZDI",
"id": "ZDI-19-611"
},
{
"db": "ZDI",
"id": "ZDI-19-612"
},
{
"db": "ZDI",
"id": "ZDI-19-602"
},
{
"db": "ZDI",
"id": "ZDI-19-603"
},
{
"db": "ZDI",
"id": "ZDI-19-617"
},
{
"db": "ZDI",
"id": "ZDI-19-615"
},
{
"db": "ZDI",
"id": "ZDI-19-607"
},
{
"db": "ZDI",
"id": "ZDI-19-623"
},
{
"db": "CNVD",
"id": "CNVD-2019-32473"
},
{
"db": "BID",
"id": "108923"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-1077"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005812"
},
{
"db": "NVD",
"id": "CVE-2019-10993"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-599",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-613",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-610",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-616",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-595",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-611",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-612",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-602",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-603",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-617",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-615",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-607",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-623",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2019-32473",
"ident": null
},
{
"db": "BID",
"id": "108923",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201906-1077",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005812",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2019-10993",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2019-09-21T00:00:00",
"db": "IVD",
"id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-599",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-613",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-610",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-616",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-595",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-611",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-612",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-602",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-603",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-617",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-615",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-607",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-623",
"ident": null
},
{
"date": "2019-09-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-32473",
"ident": null
},
{
"date": "2019-06-27T00:00:00",
"db": "BID",
"id": "108923",
"ident": null
},
{
"date": "2019-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-1077",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-005812",
"ident": null
},
{
"date": "2019-06-28T21:15:11.353000",
"db": "NVD",
"id": "CVE-2019-10993",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-599",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-613",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-610",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-616",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-595",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-611",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-612",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-602",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-603",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-617",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-615",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-607",
"ident": null
},
{
"date": "2024-01-19T00:00:00",
"db": "ZDI",
"id": "ZDI-19-623",
"ident": null
},
{
"date": "2019-09-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-32473",
"ident": null
},
{
"date": "2019-06-27T00:00:00",
"db": "BID",
"id": "108923",
"ident": null
},
{
"date": "2022-04-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-1077",
"ident": null
},
{
"date": "2019-07-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-005812",
"ident": null
},
{
"date": "2024-11-21T04:20:18.740000",
"db": "NVD",
"id": "CVE-2019-10993",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-1077"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess/SCADA Arbitrary code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
},
{
"db": "CNVD",
"id": "CNVD-2019-32473"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-1077"
}
],
"trust": 0.6
}
}
VAR-201705-3745
Vulnerability from variot - Updated: 2025-04-20 23:31An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior. The absolute path traversal vulnerability has been identified, which may allow an attacker to traverse the file system to access restricted files or directories. Advantech WebAccess Contains a path traversal vulnerability.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to cause a denial of service condition on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability.The specific flaw exists within odbcPg4.asp. An attacker can leverage this vulnerability to overwrite key web files which will disable functionality on the target machine. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A directory traversal vulnerability exists in Advantech WebAccess due to the application's failure to adequately filter user-supplied input. A remote attacker exploited the vulnerability to retrieve sensitive information and execute arbitrary code through a specially crafted request with a directory traversal sequence ('../'). This may aid in further attacks. Advantech WebAccess version 8.1 and prior are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201705-3745",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess",
"scope": "lte",
"trust": 1.8,
"vendor": "advantech",
"version": "8.1"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "8.1"
},
{
"model": "webaccess",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "lte",
"trust": 0.6,
"vendor": "advantech",
"version": "\u003c=8.1"
},
{
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "7.2"
},
{
"model": "webaccess 8.2 20170330",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
},
{
"db": "ZDI",
"id": "ZDI-17-322"
},
{
"db": "CNVD",
"id": "CNVD-2017-06980"
},
{
"db": "BID",
"id": "98311"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003931"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-931"
},
{
"db": "NVD",
"id": "CVE-2017-7929"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003931"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zhou Yu",
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-322"
}
],
"trust": 0.7
},
"cve": "CVE-2017-7929",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2017-7929",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2017-7929",
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2017-06980",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-116132",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2017-7929",
"impactScore": 4.2,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-7929",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-7929",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2017-7929",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-06980",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-931",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-116132",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
},
{
"db": "ZDI",
"id": "ZDI-17-322"
},
{
"db": "CNVD",
"id": "CNVD-2017-06980"
},
{
"db": "VULHUB",
"id": "VHN-116132"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003931"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-931"
},
{
"db": "NVD",
"id": "CVE-2017-7929"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior. The absolute path traversal vulnerability has been identified, which may allow an attacker to traverse the file system to access restricted files or directories. Advantech WebAccess Contains a path traversal vulnerability.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to cause a denial of service condition on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability.The specific flaw exists within odbcPg4.asp. An attacker can leverage this vulnerability to overwrite key web files which will disable functionality on the target machine. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A directory traversal vulnerability exists in Advantech WebAccess due to the application\u0027s failure to adequately filter user-supplied input. A remote attacker exploited the vulnerability to retrieve sensitive information and execute arbitrary code through a specially crafted request with a directory traversal sequence (\u0027../\u0027). This may aid in further attacks. \nAdvantech WebAccess version 8.1 and prior are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7929"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003931"
},
{
"db": "ZDI",
"id": "ZDI-17-322"
},
{
"db": "CNVD",
"id": "CNVD-2017-06980"
},
{
"db": "BID",
"id": "98311"
},
{
"db": "IVD",
"id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
},
{
"db": "VULHUB",
"id": "VHN-116132"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7929",
"trust": 4.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-124-03",
"trust": 2.8
},
{
"db": "BID",
"id": "98311",
"trust": 2.6
},
{
"db": "CNNVD",
"id": "CNNVD-201704-931",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-06980",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003931",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4013",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-17-322",
"trust": 0.7
},
{
"db": "IVD",
"id": "72B8F504-9FAF-4E5E-9287-87F7CB248C3E",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-116132",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
},
{
"db": "ZDI",
"id": "ZDI-17-322"
},
{
"db": "CNVD",
"id": "CNVD-2017-06980"
},
{
"db": "VULHUB",
"id": "VHN-116132"
},
{
"db": "BID",
"id": "98311"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003931"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-931"
},
{
"db": "NVD",
"id": "CVE-2017-7929"
}
]
},
"id": "VAR-201705-3745",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
},
{
"db": "CNVD",
"id": "CNVD-2017-06980"
},
{
"db": "VULHUB",
"id": "VHN-116132"
}
],
"trust": 1.438782045
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
},
{
"db": "CNVD",
"id": "CNVD-2017-06980"
}
]
},
"last_update_date": "2025-04-20T23:31:00.500000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-124-03"
},
{
"title": "Patch for Advantech WebAccess Directory Traversal Vulnerability (CNVD-2017-06980)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/93984"
},
{
"title": "Advantech WebAccess Repair measures for path traversal vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99746"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-322"
},
{
"db": "CNVD",
"id": "CNVD-2017-06980"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003931"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-931"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
},
{
"problemtype": "CWE-36",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116132"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003931"
},
{
"db": "NVD",
"id": "CVE-2017-7929"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-124-03"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/98311"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7929"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7929"
},
{
"trust": 0.3,
"url": "http://www.advantech.in/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-322"
},
{
"db": "CNVD",
"id": "CNVD-2017-06980"
},
{
"db": "VULHUB",
"id": "VHN-116132"
},
{
"db": "BID",
"id": "98311"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003931"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-931"
},
{
"db": "NVD",
"id": "CVE-2017-7929"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
},
{
"db": "ZDI",
"id": "ZDI-17-322"
},
{
"db": "CNVD",
"id": "CNVD-2017-06980"
},
{
"db": "VULHUB",
"id": "VHN-116132"
},
{
"db": "BID",
"id": "98311"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003931"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-931"
},
{
"db": "NVD",
"id": "CVE-2017-7929"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-19T00:00:00",
"db": "IVD",
"id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
},
{
"date": "2017-05-04T00:00:00",
"db": "ZDI",
"id": "ZDI-17-322"
},
{
"date": "2017-05-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-06980"
},
{
"date": "2017-05-06T00:00:00",
"db": "VULHUB",
"id": "VHN-116132"
},
{
"date": "2017-05-04T00:00:00",
"db": "BID",
"id": "98311"
},
{
"date": "2017-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003931"
},
{
"date": "2017-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-931"
},
{
"date": "2017-05-06T00:29:00.490000",
"db": "NVD",
"id": "CVE-2017-7929"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-04T00:00:00",
"db": "ZDI",
"id": "ZDI-17-322"
},
{
"date": "2017-05-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-06980"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-116132"
},
{
"date": "2017-05-23T16:23:00",
"db": "BID",
"id": "98311"
},
{
"date": "2017-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003931"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-931"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-7929"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-931"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Advantech WebAccess Path traversal vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003931"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-931"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Path traversal",
"sources": [
{
"db": "IVD",
"id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-931"
}
],
"trust": 0.8
}
}
VAR-201705-2332
Vulnerability from variot - Updated: 2025-04-20 23:16upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote authenticated administrators to obtain sensitive password information via unspecified vectors. Authentication is required to exploit this vulnerability.The specific flaw exists within upAdminPg.asp. One project administrator can view other project administrators' passwords along with the system administrator's password. An attacker can leverage this vulnerability to escalate privileges within the system. Advantech WebAccess (formerly known as BroadWin WebAccess) is a suite of browser-based HMI/SCADA software from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. ActiveX is one of the components used to transmit dynamic images in surveillance. A version of ActiveX prior to Advantech WebAccess 8.1_20160519 has a security vulnerability. An attacker could exploit the vulnerability to insert or run arbitrary code on an affected system
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "8.1_20160519"
},
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess \u003c8.1 20160519",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
},
{
"db": "ZDI",
"id": "ZDI-16-429"
},
{
"db": "CNVD",
"id": "CNVD-2016-10506"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008542"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-867"
},
{
"db": "NVD",
"id": "CVE-2016-5810"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008542"
}
]
},
"credits": {
"_id": null,
"data": "Zhou Yu",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-429"
}
],
"trust": 0.7
},
"cve": "CVE-2016-5810",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2016-5810",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2016-5810",
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-10506",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-94629",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2016-5810",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-5810",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-5810",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2016-5810",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-10506",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-867",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-94629",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
},
{
"db": "ZDI",
"id": "ZDI-16-429"
},
{
"db": "CNVD",
"id": "CNVD-2016-10506"
},
{
"db": "VULHUB",
"id": "VHN-94629"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008542"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-867"
},
{
"db": "NVD",
"id": "CVE-2016-5810"
}
]
},
"description": {
"_id": null,
"data": "upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote authenticated administrators to obtain sensitive password information via unspecified vectors. Authentication is required to exploit this vulnerability.The specific flaw exists within upAdminPg.asp. One project administrator can view other project administrators\u0027 passwords along with the system administrator\u0027s password. An attacker can leverage this vulnerability to escalate privileges within the system. Advantech WebAccess (formerly known as BroadWin WebAccess) is a suite of browser-based HMI/SCADA software from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. ActiveX is one of the components used to transmit dynamic images in surveillance. A version of ActiveX prior to Advantech WebAccess 8.1_20160519 has a security vulnerability. An attacker could exploit the vulnerability to insert or run arbitrary code on an affected system",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5810"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008542"
},
{
"db": "ZDI",
"id": "ZDI-16-429"
},
{
"db": "CNVD",
"id": "CNVD-2016-10506"
},
{
"db": "IVD",
"id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
},
{
"db": "VULHUB",
"id": "VHN-94629"
}
],
"trust": 3.06
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2016-5810",
"trust": 4.0
},
{
"db": "ICS CERT",
"id": "ICSA-16-173-01",
"trust": 3.1
},
{
"db": "ZDI",
"id": "ZDI-16-429",
"trust": 2.4
},
{
"db": "CNNVD",
"id": "CNNVD-201610-867",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2016-10506",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008542",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3746",
"trust": 0.7
},
{
"db": "IVD",
"id": "29796EEF-56CD-4EE0-AEFC-005C9EC1B53A",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-94629",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
},
{
"db": "ZDI",
"id": "ZDI-16-429"
},
{
"db": "CNVD",
"id": "CNVD-2016-10506"
},
{
"db": "VULHUB",
"id": "VHN-94629"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008542"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-867"
},
{
"db": "NVD",
"id": "CVE-2016-5810"
}
]
},
"id": "VAR-201705-2332",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
},
{
"db": "CNVD",
"id": "CNVD-2016-10506"
},
{
"db": "VULHUB",
"id": "VHN-94629"
}
],
"trust": 1.474496345
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
},
{
"db": "CNVD",
"id": "CNVD-2016-10506"
}
]
},
"last_update_date": "2025-04-20T23:16:10.045000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-173-01"
},
{
"title": "Advantech WebAccess ActiveX vulnerable patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/83391"
},
{
"title": "Advantech WebAccess ActiveX Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65188"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-429"
},
{
"db": "CNVD",
"id": "CNVD-2016-10506"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008542"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-867"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-94629"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008542"
},
{
"db": "NVD",
"id": "CVE-2016-5810"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-173-01"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-429"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5810"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5810"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-429"
},
{
"db": "CNVD",
"id": "CNVD-2016-10506"
},
{
"db": "VULHUB",
"id": "VHN-94629"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008542"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-867"
},
{
"db": "NVD",
"id": "CVE-2016-5810"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-429",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2016-10506",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-94629",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008542",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201610-867",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2016-5810",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2016-11-02T00:00:00",
"db": "IVD",
"id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a",
"ident": null
},
{
"date": "2016-07-18T00:00:00",
"db": "ZDI",
"id": "ZDI-16-429",
"ident": null
},
{
"date": "2016-11-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-10506",
"ident": null
},
{
"date": "2017-05-02T00:00:00",
"db": "VULHUB",
"id": "VHN-94629",
"ident": null
},
{
"date": "2017-06-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008542",
"ident": null
},
{
"date": "2016-10-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-867",
"ident": null
},
{
"date": "2017-05-02T14:59:00.487000",
"db": "NVD",
"id": "CVE-2016-5810",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2016-07-18T00:00:00",
"db": "ZDI",
"id": "ZDI-16-429",
"ident": null
},
{
"date": "2016-11-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-10506",
"ident": null
},
{
"date": "2017-05-11T00:00:00",
"db": "VULHUB",
"id": "VHN-94629",
"ident": null
},
{
"date": "2017-06-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008542",
"ident": null
},
{
"date": "2017-05-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-867",
"ident": null
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2016-5810",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-867"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess of upAdminPg.asp Vulnerable to obtaining important password information",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008542"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-867"
}
],
"trust": 0.6
}
}
VAR-201711-0754
Vulnerability from variot - Updated: 2025-04-20 23:15An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A remote attacker is able to execute code to dereference a pointer within the program causing the application to become unavailable. Advantech WebAccess Is NULL A vulnerability related to pointer dereference exists.Service operation interruption (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2723 IOCTL in the webvrpcs process. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will result in a denial-of-service condition. Versions prior to Advantech WebAccess 8.2_20170817 are vulnerable
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": "lt",
"trust": 1.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 1.4,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "7.2"
},
{
"_id": null,
"model": "webaccess \u003cv8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.0"
},
{
"_id": null,
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.2"
},
{
"_id": null,
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"_id": null,
"model": "webaccess 8.2 20170817",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
},
{
"db": "ZDI",
"id": "ZDI-17-939"
},
{
"db": "ZDI",
"id": "ZDI-17-940"
},
{
"db": "CNVD",
"id": "CNVD-2017-32564"
},
{
"db": "BID",
"id": "101685"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009931"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-170"
},
{
"db": "NVD",
"id": "CVE-2017-12719"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009931"
}
]
},
"credits": {
"_id": null,
"data": "Steven Seeley (mr_me) of Offensive Security",
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-939"
},
{
"db": "ZDI",
"id": "ZDI-17-940"
}
],
"trust": 1.4
},
"cve": "CVE-2017-12719",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-12719",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-12719",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 1.4,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-32564",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-103269",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-12719",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2017-12719",
"trust": 1.4,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2017-12719",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-12719",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-32564",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-170",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-103269",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
},
{
"db": "ZDI",
"id": "ZDI-17-939"
},
{
"db": "ZDI",
"id": "ZDI-17-940"
},
{
"db": "CNVD",
"id": "CNVD-2017-32564"
},
{
"db": "VULHUB",
"id": "VHN-103269"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009931"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-170"
},
{
"db": "NVD",
"id": "CVE-2017-12719"
}
]
},
"description": {
"_id": null,
"data": "An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A remote attacker is able to execute code to dereference a pointer within the program causing the application to become unavailable. Advantech WebAccess Is NULL A vulnerability related to pointer dereference exists.Service operation interruption (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2723 IOCTL in the webvrpcs process. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will result in a denial-of-service condition. \nVersions prior to Advantech WebAccess 8.2_20170817 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12719"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009931"
},
{
"db": "ZDI",
"id": "ZDI-17-939"
},
{
"db": "ZDI",
"id": "ZDI-17-940"
},
{
"db": "CNVD",
"id": "CNVD-2017-32564"
},
{
"db": "BID",
"id": "101685"
},
{
"db": "IVD",
"id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
},
{
"db": "VULHUB",
"id": "VHN-103269"
}
],
"trust": 3.96
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-12719",
"trust": 5.0
},
{
"db": "ICS CERT",
"id": "ICSA-17-306-02",
"trust": 3.4
},
{
"db": "BID",
"id": "101685",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-201711-170",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-32564",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009931",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4950",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-17-939",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4951",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-17-940",
"trust": 0.7
},
{
"db": "IVD",
"id": "324AEB72-83A5-4EC9-8BFB-77E3DF73ED3A",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-103269",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
},
{
"db": "ZDI",
"id": "ZDI-17-939"
},
{
"db": "ZDI",
"id": "ZDI-17-940"
},
{
"db": "CNVD",
"id": "CNVD-2017-32564"
},
{
"db": "VULHUB",
"id": "VHN-103269"
},
{
"db": "BID",
"id": "101685"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009931"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-170"
},
{
"db": "NVD",
"id": "CVE-2017-12719"
}
]
},
"id": "VAR-201711-0754",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
},
{
"db": "CNVD",
"id": "CNVD-2017-32564"
},
{
"db": "VULHUB",
"id": "VHN-103269"
}
],
"trust": 1.582962455
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
},
{
"db": "CNVD",
"id": "CNVD-2017-32564"
}
]
},
"last_update_date": "2025-04-20T23:15:51.560000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 1.4,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-306-02"
},
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Advantech WebAccess Pointer Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/105314"
},
{
"title": "Advantech WebAccess Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76156"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-939"
},
{
"db": "ZDI",
"id": "ZDI-17-940"
},
{
"db": "CNVD",
"id": "CNVD-2017-32564"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009931"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-170"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-476",
"trust": 1.9
},
{
"problemtype": "CWE-822",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-103269"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009931"
},
{
"db": "NVD",
"id": "CVE-2017-12719"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 4.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-306-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/101685"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12719"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12719"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-939"
},
{
"db": "ZDI",
"id": "ZDI-17-940"
},
{
"db": "CNVD",
"id": "CNVD-2017-32564"
},
{
"db": "VULHUB",
"id": "VHN-103269"
},
{
"db": "BID",
"id": "101685"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009931"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-170"
},
{
"db": "NVD",
"id": "CVE-2017-12719"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-17-939",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-17-940",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2017-32564",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-103269",
"ident": null
},
{
"db": "BID",
"id": "101685",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009931",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201711-170",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-12719",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2017-11-03T00:00:00",
"db": "IVD",
"id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a",
"ident": null
},
{
"date": "2017-12-06T00:00:00",
"db": "ZDI",
"id": "ZDI-17-939",
"ident": null
},
{
"date": "2017-12-06T00:00:00",
"db": "ZDI",
"id": "ZDI-17-940",
"ident": null
},
{
"date": "2017-11-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-32564",
"ident": null
},
{
"date": "2017-11-06T00:00:00",
"db": "VULHUB",
"id": "VHN-103269",
"ident": null
},
{
"date": "2017-11-02T00:00:00",
"db": "BID",
"id": "101685",
"ident": null
},
{
"date": "2017-11-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009931",
"ident": null
},
{
"date": "2017-11-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-170",
"ident": null
},
{
"date": "2017-11-06T22:29:00.193000",
"db": "NVD",
"id": "CVE-2017-12719",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-12-06T00:00:00",
"db": "ZDI",
"id": "ZDI-17-939",
"ident": null
},
{
"date": "2017-12-06T00:00:00",
"db": "ZDI",
"id": "ZDI-17-940",
"ident": null
},
{
"date": "2017-11-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-32564",
"ident": null
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-103269",
"ident": null
},
{
"date": "2017-12-19T22:36:00",
"db": "BID",
"id": "101685",
"ident": null
},
{
"date": "2017-12-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009931",
"ident": null
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-170",
"ident": null
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-12719",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-170"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess webvrpcs drawsrv Untrusted Pointer Dereference Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-939"
},
{
"db": "ZDI",
"id": "ZDI-17-940"
}
],
"trust": 1.4
},
"type": {
"_id": null,
"data": "Code problem",
"sources": [
{
"db": "IVD",
"id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-170"
}
],
"trust": 0.8
}
}
VAR-201711-0409
Vulnerability from variot - Updated: 2025-04-20 23:15A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. The application lacks proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the context of the process. Advantech WebAccess Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within implementation of the 0x138bd IOCTL in the webvrpcs process. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will result in a denial-of-service condition. Versions prior to Advantech WebAccess 8.2_20170817 are vulnerable
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": "lt",
"trust": 1.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "7.2"
},
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess \u003cv8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.0"
},
{
"_id": null,
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.2"
},
{
"_id": null,
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"_id": null,
"model": "webaccess 8.2 20170817",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
},
{
"db": "ZDI",
"id": "ZDI-17-938"
},
{
"db": "CNVD",
"id": "CNVD-2017-32562"
},
{
"db": "BID",
"id": "101685"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009932"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1259"
},
{
"db": "NVD",
"id": "CVE-2017-14016"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009932"
}
]
},
"credits": {
"_id": null,
"data": "Steven Seeley (mr_me) of Offensive Security",
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-938"
}
],
"trust": 0.7
},
"cve": "CVE-2017-14016",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-14016",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 2.5,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-32562",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-104696",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2017-14016",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-14016",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-14016",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2017-14016",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-32562",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1259",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-104696",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
},
{
"db": "ZDI",
"id": "ZDI-17-938"
},
{
"db": "CNVD",
"id": "CNVD-2017-32562"
},
{
"db": "VULHUB",
"id": "VHN-104696"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009932"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1259"
},
{
"db": "NVD",
"id": "CVE-2017-14016"
}
]
},
"description": {
"_id": null,
"data": "A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. The application lacks proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the context of the process. Advantech WebAccess Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within implementation of the 0x138bd IOCTL in the webvrpcs process. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will result in a denial-of-service condition. \nVersions prior to Advantech WebAccess 8.2_20170817 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-14016"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009932"
},
{
"db": "ZDI",
"id": "ZDI-17-938"
},
{
"db": "CNVD",
"id": "CNVD-2017-32562"
},
{
"db": "BID",
"id": "101685"
},
{
"db": "IVD",
"id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
},
{
"db": "VULHUB",
"id": "VHN-104696"
}
],
"trust": 3.33
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-104696",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104696"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-14016",
"trust": 4.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-306-02",
"trust": 3.4
},
{
"db": "BID",
"id": "101685",
"trust": 1.4
},
{
"db": "EXPLOIT-DB",
"id": "43340",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1259",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-32562",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009932",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4949",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-17-938",
"trust": 0.7
},
{
"db": "IVD",
"id": "AE88E8AE-B267-4E99-BFAC-8A81BBB4590A",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "145401",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-104696",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
},
{
"db": "ZDI",
"id": "ZDI-17-938"
},
{
"db": "CNVD",
"id": "CNVD-2017-32562"
},
{
"db": "VULHUB",
"id": "VHN-104696"
},
{
"db": "BID",
"id": "101685"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009932"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1259"
},
{
"db": "NVD",
"id": "CVE-2017-14016"
}
]
},
"id": "VAR-201711-0409",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
},
{
"db": "CNVD",
"id": "CNVD-2017-32562"
},
{
"db": "VULHUB",
"id": "VHN-104696"
}
],
"trust": 1.582962455
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
},
{
"db": "CNVD",
"id": "CNVD-2017-32562"
}
]
},
"last_update_date": "2025-04-20T23:15:51.514000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-306-02"
},
{
"title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/105309"
},
{
"title": "Advantech WebAccess Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75601"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-938"
},
{
"db": "CNVD",
"id": "CNVD-2017-32562"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009932"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1259"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
},
{
"problemtype": "CWE-121",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104696"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009932"
},
{
"db": "NVD",
"id": "CVE-2017-14016"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 4.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-306-02"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/101685"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/43340/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14016"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14016"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-938"
},
{
"db": "CNVD",
"id": "CNVD-2017-32562"
},
{
"db": "VULHUB",
"id": "VHN-104696"
},
{
"db": "BID",
"id": "101685"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009932"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1259"
},
{
"db": "NVD",
"id": "CVE-2017-14016"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-17-938",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2017-32562",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-104696",
"ident": null
},
{
"db": "BID",
"id": "101685",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009932",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1259",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-14016",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2017-11-03T00:00:00",
"db": "IVD",
"id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a",
"ident": null
},
{
"date": "2017-12-06T00:00:00",
"db": "ZDI",
"id": "ZDI-17-938",
"ident": null
},
{
"date": "2017-11-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-32562",
"ident": null
},
{
"date": "2017-11-06T00:00:00",
"db": "VULHUB",
"id": "VHN-104696",
"ident": null
},
{
"date": "2017-11-02T00:00:00",
"db": "BID",
"id": "101685",
"ident": null
},
{
"date": "2017-11-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009932",
"ident": null
},
{
"date": "2017-11-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1259",
"ident": null
},
{
"date": "2017-11-06T22:29:00.240000",
"db": "NVD",
"id": "CVE-2017-14016",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-12-06T00:00:00",
"db": "ZDI",
"id": "ZDI-17-938",
"ident": null
},
{
"date": "2017-11-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-32562",
"ident": null
},
{
"date": "2017-12-20T00:00:00",
"db": "VULHUB",
"id": "VHN-104696",
"ident": null
},
{
"date": "2017-12-19T22:36:00",
"db": "BID",
"id": "101685",
"ident": null
},
{
"date": "2017-11-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009932",
"ident": null
},
{
"date": "2017-11-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1259",
"ident": null
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-14016",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1259"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009932"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1259"
}
],
"trust": 1.4
},
"type": {
"_id": null,
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1259"
}
],
"trust": 0.8
}
}
VAR-201702-0675
Vulnerability from variot - Updated: 2025-04-20 23:05An issue was discovered in Advantech WebAccess Version 8.1. To be able to exploit the SQL injection vulnerability, an attacker must supply malformed input to the WebAccess software. Successful attack could result in administrative access to the application and its data files. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability, but can be easily bypassed.The specific flaw exists within updateTemplate.aspx. The vulnerability is caused by lack of input validation before using a remotely supplied string to construct SQL queries. An attacker can use this vulnerability to disclose passwords of administrative accounts used by Advantech WebAccess. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A SQL injection vulnerability exists in Advantech WebAccess version 8.1. Advantech WebAccess is prone to an SQL-injection vulnerability and an authentication-bypass vulnerability. An attacker can exploit these issues to bypass certain security restrictions, perform unauthorized actions, modify the logic of SQL queries, compromise the software, retrieve information, or modify data; other consequences are possible as well. WebAccess 8.1 is vulnerable; other versions may also be affected
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 3.3,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.2"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "8.1"
}
],
"sources": [
{
"db": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563"
},
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00553"
},
{
"db": "BID",
"id": "95410"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001616"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-328"
},
{
"db": "NVD",
"id": "CVE-2017-5154"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001616"
}
]
},
"credits": {
"_id": null,
"data": "Tenable Network Security",
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "BID",
"id": "95410"
}
],
"trust": 1.0
},
"cve": "CVE-2017-5154",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-5154",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2017-5154",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-00553",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "f6a19415-1129-4719-ad81-c1d464552563",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-113357",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-5154",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-5154",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-5154",
"trust": 0.8,
"value": "Critical"
},
{
"author": "ZDI",
"id": "CVE-2017-5154",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-00553",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201701-328",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-113357",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563"
},
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00553"
},
{
"db": "VULHUB",
"id": "VHN-113357"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001616"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-328"
},
{
"db": "NVD",
"id": "CVE-2017-5154"
}
]
},
"description": {
"_id": null,
"data": "An issue was discovered in Advantech WebAccess Version 8.1. To be able to exploit the SQL injection vulnerability, an attacker must supply malformed input to the WebAccess software. Successful attack could result in administrative access to the application and its data files. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability, but can be easily bypassed.The specific flaw exists within updateTemplate.aspx. The vulnerability is caused by lack of input validation before using a remotely supplied string to construct SQL queries. An attacker can use this vulnerability to disclose passwords of administrative accounts used by Advantech WebAccess. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A SQL injection vulnerability exists in Advantech WebAccess version 8.1. Advantech WebAccess is prone to an SQL-injection vulnerability and an authentication-bypass vulnerability. \nAn attacker can exploit these issues to bypass certain security restrictions, perform unauthorized actions, modify the logic of SQL queries, compromise the software, retrieve information, or modify data; other consequences are possible as well. \nWebAccess 8.1 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5154"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001616"
},
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00553"
},
{
"db": "BID",
"id": "95410"
},
{
"db": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563"
},
{
"db": "VULHUB",
"id": "VHN-113357"
}
],
"trust": 3.33
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-5154",
"trust": 4.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-012-01",
"trust": 3.4
},
{
"db": "BID",
"id": "95410",
"trust": 2.0
},
{
"db": "ZDI",
"id": "ZDI-17-043",
"trust": 1.6
},
{
"db": "TENABLE",
"id": "TRA-2017-04",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201701-328",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-00553",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001616",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3679",
"trust": 0.7
},
{
"db": "IVD",
"id": "F6A19415-1129-4719-AD81-C1D464552563",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-113357",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563"
},
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00553"
},
{
"db": "VULHUB",
"id": "VHN-113357"
},
{
"db": "BID",
"id": "95410"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001616"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-328"
},
{
"db": "NVD",
"id": "CVE-2017-5154"
}
]
},
"id": "VAR-201702-0675",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563"
},
{
"db": "CNVD",
"id": "CNVD-2017-00553"
},
{
"db": "VULHUB",
"id": "VHN-113357"
}
],
"trust": 1.33470696
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563"
},
{
"db": "CNVD",
"id": "CNVD-2017-00553"
}
]
},
"last_update_date": "2025-04-20T23:05:29.697000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-012-01"
},
{
"title": "Advantech WebAccess \u0027updateTemplate.aspx\u0027 SQL Injection Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/88106"
},
{
"title": "Advantech WebAccess SQL Repair measures for injecting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66985"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00553"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001616"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-328"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-89",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113357"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001616"
},
{
"db": "NVD",
"id": "CVE-2017-5154"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-012-01"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/95410"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/research/tra-2017-04"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5154"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5154"
},
{
"trust": 0.6,
"url": "http://www.zerodayinitiative.com/advisories/zdi-17-043/"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-17-043/ "
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-012-01 "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00553"
},
{
"db": "VULHUB",
"id": "VHN-113357"
},
{
"db": "BID",
"id": "95410"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001616"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-328"
},
{
"db": "NVD",
"id": "CVE-2017-5154"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-17-043",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2017-00553",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-113357",
"ident": null
},
{
"db": "BID",
"id": "95410",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001616",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201701-328",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-5154",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2017-01-18T00:00:00",
"db": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563",
"ident": null
},
{
"date": "2017-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-17-043",
"ident": null
},
{
"date": "2017-01-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00553",
"ident": null
},
{
"date": "2017-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-113357",
"ident": null
},
{
"date": "2017-01-12T00:00:00",
"db": "BID",
"id": "95410",
"ident": null
},
{
"date": "2017-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001616",
"ident": null
},
{
"date": "2017-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-328",
"ident": null
},
{
"date": "2017-02-13T21:59:02.707000",
"db": "NVD",
"id": "CVE-2017-5154",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-17-043",
"ident": null
},
{
"date": "2017-01-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00553",
"ident": null
},
{
"date": "2017-11-03T00:00:00",
"db": "VULHUB",
"id": "VHN-113357",
"ident": null
},
{
"date": "2017-01-23T04:05:00",
"db": "BID",
"id": "95410",
"ident": null
},
{
"date": "2017-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001616",
"ident": null
},
{
"date": "2017-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-328",
"ident": null
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-5154",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-328"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess In SQL Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001616"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "SQL injection",
"sources": [
{
"db": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-328"
}
],
"trust": 0.8
}
}
VAR-201702-0673
Vulnerability from variot - Updated: 2025-04-20 23:05An issue was discovered in Advantech WebAccess Version 8.1. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access pages unrestricted (AUTHENTICATION BYPASS). This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability, but can be easily bypassed.The specific flaw exists within updateTemplate.aspx. The vulnerability is caused by lack of input validation before using a remotely supplied string to construct SQL queries. An attacker can use this vulnerability to disclose passwords of administrative accounts used by Advantech WebAccess. Advantech WebAccess (formerly known as BroadWinWebAccess) is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A security bypass vulnerability exists in Advantech WebAccess version 8.1. An attacker could exploit the vulnerability to bypass certain security restrictions and perform unauthorized operations. Advantech WebAccess is prone to an SQL-injection vulnerability and an authentication-bypass vulnerability. WebAccess 8.1 is vulnerable; other versions may also be affected
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 3.3,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.2"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "8.1"
}
],
"sources": [
{
"db": "IVD",
"id": "ec77c86b-3355-445c-a5a5-7138437a8d7a"
},
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00552"
},
{
"db": "BID",
"id": "95410"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001615"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-327"
},
{
"db": "NVD",
"id": "CVE-2017-5152"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001615"
}
]
},
"credits": {
"_id": null,
"data": "Tenable Network Security",
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "BID",
"id": "95410"
}
],
"trust": 1.0
},
"cve": "CVE-2017-5152",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-5152",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2017-5152",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2017-00552",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "ec77c86b-3355-445c-a5a5-7138437a8d7a",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-113355",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-5152",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-5152",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-5152",
"trust": 0.8,
"value": "Critical"
},
{
"author": "ZDI",
"id": "CVE-2017-5152",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-00552",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201701-327",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "ec77c86b-3355-445c-a5a5-7138437a8d7a",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-113355",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "ec77c86b-3355-445c-a5a5-7138437a8d7a"
},
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00552"
},
{
"db": "VULHUB",
"id": "VHN-113355"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001615"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-327"
},
{
"db": "NVD",
"id": "CVE-2017-5152"
}
]
},
"description": {
"_id": null,
"data": "An issue was discovered in Advantech WebAccess Version 8.1. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access pages unrestricted (AUTHENTICATION BYPASS). This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability, but can be easily bypassed.The specific flaw exists within updateTemplate.aspx. The vulnerability is caused by lack of input validation before using a remotely supplied string to construct SQL queries. An attacker can use this vulnerability to disclose passwords of administrative accounts used by Advantech WebAccess. Advantech WebAccess (formerly known as BroadWinWebAccess) is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A security bypass vulnerability exists in Advantech WebAccess version 8.1. An attacker could exploit the vulnerability to bypass certain security restrictions and perform unauthorized operations. Advantech WebAccess is prone to an SQL-injection vulnerability and an authentication-bypass vulnerability. \nWebAccess 8.1 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5152"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001615"
},
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00552"
},
{
"db": "BID",
"id": "95410"
},
{
"db": "IVD",
"id": "ec77c86b-3355-445c-a5a5-7138437a8d7a"
},
{
"db": "VULHUB",
"id": "VHN-113355"
}
],
"trust": 3.33
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-5152",
"trust": 4.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-012-01",
"trust": 3.4
},
{
"db": "BID",
"id": "95410",
"trust": 2.0
},
{
"db": "ZDI",
"id": "ZDI-17-043",
"trust": 1.6
},
{
"db": "TENABLE",
"id": "TRA-2017-04",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201701-327",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-00552",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001615",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3679",
"trust": 0.7
},
{
"db": "IVD",
"id": "EC77C86B-3355-445C-A5A5-7138437A8D7A",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-113355",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "ec77c86b-3355-445c-a5a5-7138437a8d7a"
},
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00552"
},
{
"db": "VULHUB",
"id": "VHN-113355"
},
{
"db": "BID",
"id": "95410"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001615"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-327"
},
{
"db": "NVD",
"id": "CVE-2017-5152"
}
]
},
"id": "VAR-201702-0673",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "ec77c86b-3355-445c-a5a5-7138437a8d7a"
},
{
"db": "CNVD",
"id": "CNVD-2017-00552"
},
{
"db": "VULHUB",
"id": "VHN-113355"
}
],
"trust": 1.33470696
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "ec77c86b-3355-445c-a5a5-7138437a8d7a"
},
{
"db": "CNVD",
"id": "CNVD-2017-00552"
}
]
},
"last_update_date": "2025-04-20T23:05:29.653000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-012-01"
},
{
"title": "Advantech WebAccess Security Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/88105"
},
{
"title": "Advantech WebAccess Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66986"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00552"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001615"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-327"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113355"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001615"
},
{
"db": "NVD",
"id": "CVE-2017-5152"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-012-01"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/95410"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/research/tra-2017-04"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5152"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5152"
},
{
"trust": 0.6,
"url": "http://www.zerodayinitiative.com/advisories/zdi-17-043/"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-17-043/ "
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-012-01 "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00552"
},
{
"db": "VULHUB",
"id": "VHN-113355"
},
{
"db": "BID",
"id": "95410"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001615"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-327"
},
{
"db": "NVD",
"id": "CVE-2017-5152"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "ec77c86b-3355-445c-a5a5-7138437a8d7a",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-17-043",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2017-00552",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-113355",
"ident": null
},
{
"db": "BID",
"id": "95410",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001615",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201701-327",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-5152",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2017-01-18T00:00:00",
"db": "IVD",
"id": "ec77c86b-3355-445c-a5a5-7138437a8d7a",
"ident": null
},
{
"date": "2017-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-17-043",
"ident": null
},
{
"date": "2017-01-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00552",
"ident": null
},
{
"date": "2017-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-113355",
"ident": null
},
{
"date": "2017-01-12T00:00:00",
"db": "BID",
"id": "95410",
"ident": null
},
{
"date": "2017-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001615",
"ident": null
},
{
"date": "2017-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-327",
"ident": null
},
{
"date": "2017-02-13T21:59:02.643000",
"db": "NVD",
"id": "CVE-2017-5152",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-17-043",
"ident": null
},
{
"date": "2017-01-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00552",
"ident": null
},
{
"date": "2017-11-03T00:00:00",
"db": "VULHUB",
"id": "VHN-113355",
"ident": null
},
{
"date": "2017-01-23T04:05:00",
"db": "BID",
"id": "95410",
"ident": null
},
{
"date": "2017-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001615",
"ident": null
},
{
"date": "2017-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-327",
"ident": null
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-5152",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-327"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess Security Bypass Vulnerability",
"sources": [
{
"db": "IVD",
"id": "ec77c86b-3355-445c-a5a5-7138437a8d7a"
},
{
"db": "CNVD",
"id": "CNVD-2017-00552"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-327"
}
],
"trust": 0.6
}
}
VAR-201708-1127
Vulnerability from variot - Updated: 2025-04-20 23:04An Uncontrolled Search Path Element issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A maliciously crafted dll file placed earlier in the search path may allow an attacker to execute code within the context of the application. Advantech WebAccess Contains a vulnerability related to uncontrolled search path elements.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple stack-based buffer-overflow vulnerabilities 2. Multiple heap-based buffer-overflow vulnerabilities. 3. Multiple memory-corruption vulnerabilities. 4. An SQL-injection vulnerability. 5. A format-string vulnerability. 6. An authentication-bypass vulnerability. 7. A security-bypass vulnerability. 8. A privilege-escalation vulnerability. 9. A remote-code execution vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database,perform certain unauthorized actions, gain unauthorized access and gain elevated privileges. This may aid in further attacks. Advantech WebAccess versions prior to V8.2_20170817 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1127",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.2"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "8.2"
},
{
"model": "webaccess",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"model": "webaccess \u003cv8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"model": "webaccess 8.2 20170817",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "4ef81914-2abc-4800-b27a-606bafafb9a9"
},
{
"db": "CNVD",
"id": "CNVD-2017-23878"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007578"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1274"
},
{
"db": "NVD",
"id": "CVE-2017-12717"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007578"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fritz Sands, rgod, Tenable Network Security,an anonymous researcher all working with Trend Micro??s Zero Day Initiative, and Haojun Hou and DongWang from ADLab of Venustech.",
"sources": [
{
"db": "BID",
"id": "100526"
}
],
"trust": 0.3
},
"cve": "CVE-2017-12717",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-12717",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-23878",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "4ef81914-2abc-4800-b27a-606bafafb9a9",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-103267",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2017-12717",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-12717",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-12717",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-23878",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1274",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "4ef81914-2abc-4800-b27a-606bafafb9a9",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-103267",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "4ef81914-2abc-4800-b27a-606bafafb9a9"
},
{
"db": "CNVD",
"id": "CNVD-2017-23878"
},
{
"db": "VULHUB",
"id": "VHN-103267"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007578"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1274"
},
{
"db": "NVD",
"id": "CVE-2017-12717"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An Uncontrolled Search Path Element issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A maliciously crafted dll file placed earlier in the search path may allow an attacker to execute code within the context of the application. Advantech WebAccess Contains a vulnerability related to uncontrolled search path elements.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple stack-based buffer-overflow vulnerabilities\n2. Multiple heap-based buffer-overflow vulnerabilities. \n3. Multiple memory-corruption vulnerabilities. \n4. An SQL-injection vulnerability. \n5. A format-string vulnerability. \n6. An authentication-bypass vulnerability. \n7. A security-bypass vulnerability. \n8. A privilege-escalation vulnerability. \n9. A remote-code execution vulnerability. \nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database,perform certain unauthorized actions, gain unauthorized access and gain elevated privileges. This may aid in further attacks. \nAdvantech WebAccess versions prior to V8.2_20170817 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12717"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007578"
},
{
"db": "CNVD",
"id": "CNVD-2017-23878"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "IVD",
"id": "4ef81914-2abc-4800-b27a-606bafafb9a9"
},
{
"db": "VULHUB",
"id": "VHN-103267"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12717",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-241-02",
"trust": 3.4
},
{
"db": "BID",
"id": "100526",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1274",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-23878",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007578",
"trust": 0.8
},
{
"db": "IVD",
"id": "4EF81914-2ABC-4800-B27A-606BAFAFB9A9",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-103267",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "4ef81914-2abc-4800-b27a-606bafafb9a9"
},
{
"db": "CNVD",
"id": "CNVD-2017-23878"
},
{
"db": "VULHUB",
"id": "VHN-103267"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007578"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1274"
},
{
"db": "NVD",
"id": "CVE-2017-12717"
}
]
},
"id": "VAR-201708-1127",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "4ef81914-2abc-4800-b27a-606bafafb9a9"
},
{
"db": "CNVD",
"id": "CNVD-2017-23878"
},
{
"db": "VULHUB",
"id": "VHN-103267"
}
],
"trust": 1.582962455
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "4ef81914-2abc-4800-b27a-606bafafb9a9"
},
{
"db": "CNVD",
"id": "CNVD-2017-23878"
}
]
},
"last_update_date": "2025-04-20T23:04:26.696000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Patch for Advantech WebAccess arbitrary code execution vulnerability (CNVD-2017-23878)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/101162"
},
{
"title": "Advantech WebAccess Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74363"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23878"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007578"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1274"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-427",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-103267"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007578"
},
{
"db": "NVD",
"id": "CVE-2017-12717"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-241-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/100526"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12717"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12717"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23878"
},
{
"db": "VULHUB",
"id": "VHN-103267"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007578"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1274"
},
{
"db": "NVD",
"id": "CVE-2017-12717"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "4ef81914-2abc-4800-b27a-606bafafb9a9"
},
{
"db": "CNVD",
"id": "CNVD-2017-23878"
},
{
"db": "VULHUB",
"id": "VHN-103267"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007578"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1274"
},
{
"db": "NVD",
"id": "CVE-2017-12717"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "IVD",
"id": "4ef81914-2abc-4800-b27a-606bafafb9a9"
},
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23878"
},
{
"date": "2017-08-30T00:00:00",
"db": "VULHUB",
"id": "VHN-103267"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100526"
},
{
"date": "2017-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007578"
},
{
"date": "2017-08-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1274"
},
{
"date": "2017-08-30T18:29:01.077000",
"db": "NVD",
"id": "CVE-2017-12717"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23878"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-103267"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100526"
},
{
"date": "2017-12-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007578"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1274"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-12717"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1274"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Advantech WebAccess Vulnerabilities in uncontrolled search path elements",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007578"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code problem",
"sources": [
{
"db": "IVD",
"id": "4ef81914-2abc-4800-b27a-606bafafb9a9"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1274"
}
],
"trust": 0.8
}
}
VAR-201708-1125
Vulnerability from variot - Updated: 2025-04-20 23:04An Incorrect Privilege Assignment issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A built-in user account has been granted a sensitive privilege that may allow a user to elevate to administrative privileges. Advantech WebAccess Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple stack-based buffer-overflow vulnerabilities 2. Multiple heap-based buffer-overflow vulnerabilities. 3. Multiple memory-corruption vulnerabilities. 4. An SQL-injection vulnerability. 5. A format-string vulnerability. 6. An authentication-bypass vulnerability. 7. A security-bypass vulnerability. 8. A privilege-escalation vulnerability. 9. A remote-code execution vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database,perform certain unauthorized actions, gain unauthorized access and gain elevated privileges. This may aid in further attacks. Advantech WebAccess versions prior to V8.2_20170817 are vulnerable. There is a security vulnerability in Advantech WebAccess 8.2_20170817 and earlier versions, the vulnerability is caused by the program not having the correct assigned permissions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1125",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.2"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "8.2"
},
{
"model": "webaccess",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"model": "webaccess \u003cv8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"model": "webaccess 8.2 20170817",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "ed6c966e-7696-4b6d-91c4-d23a85d19a60"
},
{
"db": "CNVD",
"id": "CNVD-2017-23879"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007576"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1276"
},
{
"db": "NVD",
"id": "CVE-2017-12711"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007576"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fritz Sands, rgod, Tenable Network Security,an anonymous researcher all working with Trend Micro??s Zero Day Initiative, and Haojun Hou and DongWang from ADLab of Venustech.",
"sources": [
{
"db": "BID",
"id": "100526"
}
],
"trust": 0.3
},
"cve": "CVE-2017-12711",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2017-12711",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-23879",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "ed6c966e-7696-4b6d-91c4-d23a85d19a60",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-103261",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2017-12711",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-12711",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-12711",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-23879",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1276",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "ed6c966e-7696-4b6d-91c4-d23a85d19a60",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-103261",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "ed6c966e-7696-4b6d-91c4-d23a85d19a60"
},
{
"db": "CNVD",
"id": "CNVD-2017-23879"
},
{
"db": "VULHUB",
"id": "VHN-103261"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007576"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1276"
},
{
"db": "NVD",
"id": "CVE-2017-12711"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An Incorrect Privilege Assignment issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A built-in user account has been granted a sensitive privilege that may allow a user to elevate to administrative privileges. Advantech WebAccess Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple stack-based buffer-overflow vulnerabilities\n2. Multiple heap-based buffer-overflow vulnerabilities. \n3. Multiple memory-corruption vulnerabilities. \n4. An SQL-injection vulnerability. \n5. A format-string vulnerability. \n6. An authentication-bypass vulnerability. \n7. A security-bypass vulnerability. \n8. A privilege-escalation vulnerability. \n9. A remote-code execution vulnerability. \nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database,perform certain unauthorized actions, gain unauthorized access and gain elevated privileges. This may aid in further attacks. \nAdvantech WebAccess versions prior to V8.2_20170817 are vulnerable. There is a security vulnerability in Advantech WebAccess 8.2_20170817 and earlier versions, the vulnerability is caused by the program not having the correct assigned permissions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12711"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007576"
},
{
"db": "CNVD",
"id": "CNVD-2017-23879"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "IVD",
"id": "ed6c966e-7696-4b6d-91c4-d23a85d19a60"
},
{
"db": "VULHUB",
"id": "VHN-103261"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12711",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-241-02",
"trust": 3.4
},
{
"db": "BID",
"id": "100526",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1276",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-23879",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007576",
"trust": 0.8
},
{
"db": "IVD",
"id": "ED6C966E-7696-4B6D-91C4-D23A85D19A60",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-103261",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "ed6c966e-7696-4b6d-91c4-d23a85d19a60"
},
{
"db": "CNVD",
"id": "CNVD-2017-23879"
},
{
"db": "VULHUB",
"id": "VHN-103261"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007576"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1276"
},
{
"db": "NVD",
"id": "CVE-2017-12711"
}
]
},
"id": "VAR-201708-1125",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "ed6c966e-7696-4b6d-91c4-d23a85d19a60"
},
{
"db": "CNVD",
"id": "CNVD-2017-23879"
},
{
"db": "VULHUB",
"id": "VHN-103261"
}
],
"trust": 1.582962455
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "ed6c966e-7696-4b6d-91c4-d23a85d19a60"
},
{
"db": "CNVD",
"id": "CNVD-2017-23879"
}
]
},
"last_update_date": "2025-04-20T23:04:26.655000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Patch for Advantech WebAccess Privilege Escalation Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/101163"
},
{
"title": "Advantech WebAccess Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74365"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23879"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007576"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1276"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-266",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-103261"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007576"
},
{
"db": "NVD",
"id": "CVE-2017-12711"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-241-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/100526"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12711"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12711"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23879"
},
{
"db": "VULHUB",
"id": "VHN-103261"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007576"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1276"
},
{
"db": "NVD",
"id": "CVE-2017-12711"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "ed6c966e-7696-4b6d-91c4-d23a85d19a60"
},
{
"db": "CNVD",
"id": "CNVD-2017-23879"
},
{
"db": "VULHUB",
"id": "VHN-103261"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007576"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1276"
},
{
"db": "NVD",
"id": "CVE-2017-12711"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "IVD",
"id": "ed6c966e-7696-4b6d-91c4-d23a85d19a60"
},
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23879"
},
{
"date": "2017-08-30T00:00:00",
"db": "VULHUB",
"id": "VHN-103261"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100526"
},
{
"date": "2017-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007576"
},
{
"date": "2017-08-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1276"
},
{
"date": "2017-08-30T18:29:00.827000",
"db": "NVD",
"id": "CVE-2017-12711"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23879"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-103261"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100526"
},
{
"date": "2017-12-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007576"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1276"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-12711"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1276"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Advantech WebAccess Vulnerabilities related to authorization, permissions, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007576"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1276"
}
],
"trust": 0.6
}
}
VAR-201708-1122
Vulnerability from variot - Updated: 2025-04-20 23:04An Improper Restriction Of Operations Within The Bounds Of A Memory Buffer issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities that allow invalid locations to be referenced for the memory buffer, which may allow an attacker to execute arbitrary code or cause the system to crash. Advantech WebAccess Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple stack-based buffer-overflow vulnerabilities 2. Multiple heap-based buffer-overflow vulnerabilities. 3. Multiple memory-corruption vulnerabilities. 4. An SQL-injection vulnerability. 5. A format-string vulnerability. 6. An authentication-bypass vulnerability. 7. A security-bypass vulnerability. 8. A privilege-escalation vulnerability. 9. A remote-code execution vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database,perform certain unauthorized actions, gain unauthorized access and gain elevated privileges. This may aid in further attacks. Advantech WebAccess versions prior to V8.2_20170817 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1122",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.2"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "8.2"
},
{
"model": "webaccess",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"model": "webaccess \u003cv8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"model": "webaccess 8.2 20170817",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "0cff38c7-68ab-44c3-a179-a49a32642390"
},
{
"db": "CNVD",
"id": "CNVD-2017-23885"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007574"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1278"
},
{
"db": "NVD",
"id": "CVE-2017-12708"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007574"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fritz Sands, rgod, Tenable Network Security,an anonymous researcher all working with Trend Micro??s Zero Day Initiative, and Haojun Hou and DongWang from ADLab of Venustech.",
"sources": [
{
"db": "BID",
"id": "100526"
}
],
"trust": 0.3
},
"cve": "CVE-2017-12708",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-12708",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-23885",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "0cff38c7-68ab-44c3-a179-a49a32642390",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-103257",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-12708",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-12708",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-12708",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2017-23885",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1278",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "0cff38c7-68ab-44c3-a179-a49a32642390",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-103257",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-12708",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "0cff38c7-68ab-44c3-a179-a49a32642390"
},
{
"db": "CNVD",
"id": "CNVD-2017-23885"
},
{
"db": "VULHUB",
"id": "VHN-103257"
},
{
"db": "VULMON",
"id": "CVE-2017-12708"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007574"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1278"
},
{
"db": "NVD",
"id": "CVE-2017-12708"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An Improper Restriction Of Operations Within The Bounds Of A Memory Buffer issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities that allow invalid locations to be referenced for the memory buffer, which may allow an attacker to execute arbitrary code or cause the system to crash. Advantech WebAccess Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple stack-based buffer-overflow vulnerabilities\n2. Multiple heap-based buffer-overflow vulnerabilities. \n3. Multiple memory-corruption vulnerabilities. \n4. An SQL-injection vulnerability. \n5. A format-string vulnerability. \n6. An authentication-bypass vulnerability. \n7. A security-bypass vulnerability. \n8. A privilege-escalation vulnerability. \n9. A remote-code execution vulnerability. \nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database,perform certain unauthorized actions, gain unauthorized access and gain elevated privileges. This may aid in further attacks. \nAdvantech WebAccess versions prior to V8.2_20170817 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12708"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007574"
},
{
"db": "CNVD",
"id": "CNVD-2017-23885"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "IVD",
"id": "0cff38c7-68ab-44c3-a179-a49a32642390"
},
{
"db": "VULHUB",
"id": "VHN-103257"
},
{
"db": "VULMON",
"id": "CVE-2017-12708"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12708",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-17-241-02",
"trust": 3.5
},
{
"db": "BID",
"id": "100526",
"trust": 2.1
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1278",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-23885",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007574",
"trust": 0.8
},
{
"db": "IVD",
"id": "0CFF38C7-68AB-44C3-A179-A49A32642390",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-103257",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-12708",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "0cff38c7-68ab-44c3-a179-a49a32642390"
},
{
"db": "CNVD",
"id": "CNVD-2017-23885"
},
{
"db": "VULHUB",
"id": "VHN-103257"
},
{
"db": "VULMON",
"id": "CVE-2017-12708"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007574"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1278"
},
{
"db": "NVD",
"id": "CVE-2017-12708"
}
]
},
"id": "VAR-201708-1122",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "0cff38c7-68ab-44c3-a179-a49a32642390"
},
{
"db": "CNVD",
"id": "CNVD-2017-23885"
},
{
"db": "VULHUB",
"id": "VHN-103257"
}
],
"trust": 1.582962455
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "0cff38c7-68ab-44c3-a179-a49a32642390"
},
{
"db": "CNVD",
"id": "CNVD-2017-23885"
}
]
},
"last_update_date": "2025-04-20T23:04:26.611000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Patch for Advantech WebAccess Buffer Overflow Vulnerability (CNVD-2017-23885)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/101169"
},
{
"title": "Advantech WebAccess Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74367"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23885"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007574"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1278"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-103257"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007574"
},
{
"db": "NVD",
"id": "CVE-2017-12708"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-241-02"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/100526"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12708"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12708"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23885"
},
{
"db": "VULHUB",
"id": "VHN-103257"
},
{
"db": "VULMON",
"id": "CVE-2017-12708"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007574"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1278"
},
{
"db": "NVD",
"id": "CVE-2017-12708"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "0cff38c7-68ab-44c3-a179-a49a32642390"
},
{
"db": "CNVD",
"id": "CNVD-2017-23885"
},
{
"db": "VULHUB",
"id": "VHN-103257"
},
{
"db": "VULMON",
"id": "CVE-2017-12708"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007574"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1278"
},
{
"db": "NVD",
"id": "CVE-2017-12708"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "IVD",
"id": "0cff38c7-68ab-44c3-a179-a49a32642390"
},
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23885"
},
{
"date": "2017-08-30T00:00:00",
"db": "VULHUB",
"id": "VHN-103257"
},
{
"date": "2017-08-30T00:00:00",
"db": "VULMON",
"id": "CVE-2017-12708"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100526"
},
{
"date": "2017-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007574"
},
{
"date": "2017-08-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1278"
},
{
"date": "2017-08-30T18:29:00.530000",
"db": "NVD",
"id": "CVE-2017-12708"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23885"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-103257"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2017-12708"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100526"
},
{
"date": "2017-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007574"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1278"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-12708"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1278"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Advantech WebAccess Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007574"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "0cff38c7-68ab-44c3-a179-a49a32642390"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1278"
}
],
"trust": 0.8
}
}
VAR-201708-1116
Vulnerability from variot - Updated: 2025-04-20 23:04An Improper Authentication issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Specially crafted requests allow a possible authentication bypass that could allow remote code execution. Advantech WebAccess Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple stack-based buffer-overflow vulnerabilities 2. Multiple heap-based buffer-overflow vulnerabilities. 3. Multiple memory-corruption vulnerabilities. 4. An SQL-injection vulnerability. 5. A format-string vulnerability. 6. An authentication-bypass vulnerability. 7. A security-bypass vulnerability. 8. A privilege-escalation vulnerability. 9. A remote-code execution vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database,perform certain unauthorized actions, gain unauthorized access and gain elevated privileges. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1116",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.2"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "8.2"
},
{
"model": "webaccess",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"model": "webaccess \u003cv8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"model": "webaccess 8.2 20170817",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "bbac1e4c-13fd-496f-9c11-c5fceb19ca21"
},
{
"db": "CNVD",
"id": "CNVD-2017-23881"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007571"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1282"
},
{
"db": "NVD",
"id": "CVE-2017-12698"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007571"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fritz Sands, rgod, Tenable Network Security,an anonymous researcher all working with Trend Micro??s Zero Day Initiative, and Haojun Hou and DongWang from ADLab of Venustech.",
"sources": [
{
"db": "BID",
"id": "100526"
}
],
"trust": 0.3
},
"cve": "CVE-2017-12698",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-12698",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-23881",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "bbac1e4c-13fd-496f-9c11-c5fceb19ca21",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-103246",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-12698",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-12698",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-12698",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2017-23881",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1282",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "bbac1e4c-13fd-496f-9c11-c5fceb19ca21",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-103246",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "bbac1e4c-13fd-496f-9c11-c5fceb19ca21"
},
{
"db": "CNVD",
"id": "CNVD-2017-23881"
},
{
"db": "VULHUB",
"id": "VHN-103246"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007571"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1282"
},
{
"db": "NVD",
"id": "CVE-2017-12698"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An Improper Authentication issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Specially crafted requests allow a possible authentication bypass that could allow remote code execution. Advantech WebAccess Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple stack-based buffer-overflow vulnerabilities\n2. Multiple heap-based buffer-overflow vulnerabilities. \n3. Multiple memory-corruption vulnerabilities. \n4. An SQL-injection vulnerability. \n5. A format-string vulnerability. \n6. An authentication-bypass vulnerability. \n7. A security-bypass vulnerability. \n8. A privilege-escalation vulnerability. \n9. A remote-code execution vulnerability. \nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database,perform certain unauthorized actions, gain unauthorized access and gain elevated privileges. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12698"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007571"
},
{
"db": "CNVD",
"id": "CNVD-2017-23881"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "IVD",
"id": "bbac1e4c-13fd-496f-9c11-c5fceb19ca21"
},
{
"db": "VULHUB",
"id": "VHN-103246"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12698",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-241-02",
"trust": 3.4
},
{
"db": "BID",
"id": "100526",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1282",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-23881",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007571",
"trust": 0.8
},
{
"db": "IVD",
"id": "BBAC1E4C-13FD-496F-9C11-C5FCEB19CA21",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-103246",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "bbac1e4c-13fd-496f-9c11-c5fceb19ca21"
},
{
"db": "CNVD",
"id": "CNVD-2017-23881"
},
{
"db": "VULHUB",
"id": "VHN-103246"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007571"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1282"
},
{
"db": "NVD",
"id": "CVE-2017-12698"
}
]
},
"id": "VAR-201708-1116",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "bbac1e4c-13fd-496f-9c11-c5fceb19ca21"
},
{
"db": "CNVD",
"id": "CNVD-2017-23881"
},
{
"db": "VULHUB",
"id": "VHN-103246"
}
],
"trust": 1.582962455
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "bbac1e4c-13fd-496f-9c11-c5fceb19ca21"
},
{
"db": "CNVD",
"id": "CNVD-2017-23881"
}
]
},
"last_update_date": "2025-04-20T23:04:26.571000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Advantech WebAccess verifies patches that bypass the vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/101165"
},
{
"title": "Advantech WebAccess Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74371"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23881"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007571"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1282"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-103246"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007571"
},
{
"db": "NVD",
"id": "CVE-2017-12698"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-241-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/100526"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12698"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12698"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23881"
},
{
"db": "VULHUB",
"id": "VHN-103246"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007571"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1282"
},
{
"db": "NVD",
"id": "CVE-2017-12698"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "bbac1e4c-13fd-496f-9c11-c5fceb19ca21"
},
{
"db": "CNVD",
"id": "CNVD-2017-23881"
},
{
"db": "VULHUB",
"id": "VHN-103246"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007571"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1282"
},
{
"db": "NVD",
"id": "CVE-2017-12698"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "IVD",
"id": "bbac1e4c-13fd-496f-9c11-c5fceb19ca21"
},
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23881"
},
{
"date": "2017-08-30T00:00:00",
"db": "VULHUB",
"id": "VHN-103246"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100526"
},
{
"date": "2017-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007571"
},
{
"date": "2017-08-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1282"
},
{
"date": "2017-08-30T18:29:00.327000",
"db": "NVD",
"id": "CVE-2017-12698"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23881"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-103246"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100526"
},
{
"date": "2017-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007571"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1282"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-12698"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1282"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Advantech WebAccess Authentication vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007571"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1282"
}
],
"trust": 0.6
}
}
VAR-201708-1120
Vulnerability from variot - Updated: 2025-04-20 23:04A stack-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the context of the process. Advantech WebAccess Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple stack-based buffer-overflow vulnerabilities 2. Multiple heap-based buffer-overflow vulnerabilities. 3. Multiple memory-corruption vulnerabilities. 4. An SQL-injection vulnerability. 5. A format-string vulnerability. 6. An authentication-bypass vulnerability. 7. A security-bypass vulnerability. 8. A privilege-escalation vulnerability. 9. A remote-code execution vulnerability. This may aid in further attacks. Advantech WebAccess versions prior to V8.2_20170817 are vulnerable. The vulnerability stems from the fact that the program does not fully verify the length of the data submitted by the user
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1120",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.2"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "8.2"
},
{
"model": "webaccess",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"model": "webaccess \u003cv8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"model": "webaccess 8.2 20170817",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "019b6182-3d02-43c0-aac0-978e45e37a6d"
},
{
"db": "CNVD",
"id": "CNVD-2017-23884"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007573"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1279"
},
{
"db": "NVD",
"id": "CVE-2017-12706"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007573"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fritz Sands, rgod, Tenable Network Security,an anonymous researcher all working with Trend Micro??s Zero Day Initiative, and Haojun Hou and DongWang from ADLab of Venustech.",
"sources": [
{
"db": "BID",
"id": "100526"
}
],
"trust": 0.3
},
"cve": "CVE-2017-12706",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-12706",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-23884",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "019b6182-3d02-43c0-aac0-978e45e37a6d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-103255",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-12706",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-12706",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-12706",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2017-23884",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1279",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "019b6182-3d02-43c0-aac0-978e45e37a6d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-103255",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "019b6182-3d02-43c0-aac0-978e45e37a6d"
},
{
"db": "CNVD",
"id": "CNVD-2017-23884"
},
{
"db": "VULHUB",
"id": "VHN-103255"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007573"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1279"
},
{
"db": "NVD",
"id": "CVE-2017-12706"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A stack-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the context of the process. Advantech WebAccess Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple stack-based buffer-overflow vulnerabilities\n2. Multiple heap-based buffer-overflow vulnerabilities. \n3. Multiple memory-corruption vulnerabilities. \n4. An SQL-injection vulnerability. \n5. A format-string vulnerability. \n6. An authentication-bypass vulnerability. \n7. A security-bypass vulnerability. \n8. A privilege-escalation vulnerability. \n9. A remote-code execution vulnerability. This may aid in further attacks. \nAdvantech WebAccess versions prior to V8.2_20170817 are vulnerable. The vulnerability stems from the fact that the program does not fully verify the length of the data submitted by the user",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12706"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007573"
},
{
"db": "CNVD",
"id": "CNVD-2017-23884"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "IVD",
"id": "019b6182-3d02-43c0-aac0-978e45e37a6d"
},
{
"db": "VULHUB",
"id": "VHN-103255"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12706",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-241-02",
"trust": 3.4
},
{
"db": "BID",
"id": "100526",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1279",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-23884",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007573",
"trust": 0.8
},
{
"db": "IVD",
"id": "019B6182-3D02-43C0-AAC0-978E45E37A6D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-103255",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "019b6182-3d02-43c0-aac0-978e45e37a6d"
},
{
"db": "CNVD",
"id": "CNVD-2017-23884"
},
{
"db": "VULHUB",
"id": "VHN-103255"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007573"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1279"
},
{
"db": "NVD",
"id": "CVE-2017-12706"
}
]
},
"id": "VAR-201708-1120",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "019b6182-3d02-43c0-aac0-978e45e37a6d"
},
{
"db": "CNVD",
"id": "CNVD-2017-23884"
},
{
"db": "VULHUB",
"id": "VHN-103255"
}
],
"trust": 1.582962455
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "019b6182-3d02-43c0-aac0-978e45e37a6d"
},
{
"db": "CNVD",
"id": "CNVD-2017-23884"
}
]
},
"last_update_date": "2025-04-20T23:04:26.531000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/101168"
},
{
"title": "Advantech WebAccess Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74368"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23884"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007573"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1279"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
},
{
"problemtype": "CWE-121",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-103255"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007573"
},
{
"db": "NVD",
"id": "CVE-2017-12706"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-241-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/100526"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12706"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12706"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23884"
},
{
"db": "VULHUB",
"id": "VHN-103255"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007573"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1279"
},
{
"db": "NVD",
"id": "CVE-2017-12706"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "019b6182-3d02-43c0-aac0-978e45e37a6d"
},
{
"db": "CNVD",
"id": "CNVD-2017-23884"
},
{
"db": "VULHUB",
"id": "VHN-103255"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007573"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1279"
},
{
"db": "NVD",
"id": "CVE-2017-12706"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "IVD",
"id": "019b6182-3d02-43c0-aac0-978e45e37a6d"
},
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23884"
},
{
"date": "2017-08-30T00:00:00",
"db": "VULHUB",
"id": "VHN-103255"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100526"
},
{
"date": "2017-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007573"
},
{
"date": "2017-08-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1279"
},
{
"date": "2017-08-30T18:29:00.483000",
"db": "NVD",
"id": "CVE-2017-12706"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23884"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-103255"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100526"
},
{
"date": "2017-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007573"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1279"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-12706"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1279"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Advantech WebAccess Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007573"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1279"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "019b6182-3d02-43c0-aac0-978e45e37a6d"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1279"
}
],
"trust": 0.8
}
}
VAR-201708-1119
Vulnerability from variot - Updated: 2025-04-20 23:04A heap-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validation of the length of user-supplied data prior to copying it to the heap-based buffer, which could allow an attacker to execute arbitrary code under the context of the process. Advantech WebAccess Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple stack-based buffer-overflow vulnerabilities 2. Multiple heap-based buffer-overflow vulnerabilities. 3. Multiple memory-corruption vulnerabilities. 4. An SQL-injection vulnerability. 5. A format-string vulnerability. 6. An authentication-bypass vulnerability. 7. A security-bypass vulnerability. 8. A privilege-escalation vulnerability. 9. A remote-code execution vulnerability. This may aid in further attacks. Advantech WebAccess versions prior to V8.2_20170817 are vulnerable. The vulnerability stems from the fact that the program does not fully verify the length of the data submitted by the user
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1119",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.2"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "8.2"
},
{
"model": "webaccess",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"model": "webaccess \u003cv8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"model": "webaccess 8.2 20170817",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9"
},
{
"db": "CNVD",
"id": "CNVD-2017-23883"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007399"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1280"
},
{
"db": "NVD",
"id": "CVE-2017-12704"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007399"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fritz Sands, rgod, Tenable Network Security,an anonymous researcher all working with Trend Micro??s Zero Day Initiative, and Haojun Hou and DongWang from ADLab of Venustech.",
"sources": [
{
"db": "BID",
"id": "100526"
}
],
"trust": 0.3
},
"cve": "CVE-2017-12704",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-12704",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-23883",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-103253",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-12704",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-12704",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-12704",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-23883",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1280",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-103253",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-12704",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9"
},
{
"db": "CNVD",
"id": "CNVD-2017-23883"
},
{
"db": "VULHUB",
"id": "VHN-103253"
},
{
"db": "VULMON",
"id": "CVE-2017-12704"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007399"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1280"
},
{
"db": "NVD",
"id": "CVE-2017-12704"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A heap-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validation of the length of user-supplied data prior to copying it to the heap-based buffer, which could allow an attacker to execute arbitrary code under the context of the process. Advantech WebAccess Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple stack-based buffer-overflow vulnerabilities\n2. Multiple heap-based buffer-overflow vulnerabilities. \n3. Multiple memory-corruption vulnerabilities. \n4. An SQL-injection vulnerability. \n5. A format-string vulnerability. \n6. An authentication-bypass vulnerability. \n7. A security-bypass vulnerability. \n8. A privilege-escalation vulnerability. \n9. A remote-code execution vulnerability. This may aid in further attacks. \nAdvantech WebAccess versions prior to V8.2_20170817 are vulnerable. The vulnerability stems from the fact that the program does not fully verify the length of the data submitted by the user",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12704"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007399"
},
{
"db": "CNVD",
"id": "CNVD-2017-23883"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "IVD",
"id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9"
},
{
"db": "VULHUB",
"id": "VHN-103253"
},
{
"db": "VULMON",
"id": "CVE-2017-12704"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12704",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-17-241-02",
"trust": 3.5
},
{
"db": "BID",
"id": "100526",
"trust": 2.1
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1280",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-23883",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007399",
"trust": 0.8
},
{
"db": "IVD",
"id": "96D43DE0-3F58-40E3-841A-E1B2D8A8FCD9",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-103253",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-12704",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9"
},
{
"db": "CNVD",
"id": "CNVD-2017-23883"
},
{
"db": "VULHUB",
"id": "VHN-103253"
},
{
"db": "VULMON",
"id": "CVE-2017-12704"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007399"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1280"
},
{
"db": "NVD",
"id": "CVE-2017-12704"
}
]
},
"id": "VAR-201708-1119",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9"
},
{
"db": "CNVD",
"id": "CNVD-2017-23883"
},
{
"db": "VULHUB",
"id": "VHN-103253"
}
],
"trust": 1.582962455
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9"
},
{
"db": "CNVD",
"id": "CNVD-2017-23883"
}
]
},
"last_update_date": "2025-04-20T23:04:26.488000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Patch for Advantech WebAccess HEAP Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/101167"
},
{
"title": "Advantech WebAccess Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74369"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23883"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007399"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1280"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
},
{
"problemtype": "CWE-122",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-103253"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007399"
},
{
"db": "NVD",
"id": "CVE-2017-12704"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-241-02"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/100526"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12704"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12704"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23883"
},
{
"db": "VULHUB",
"id": "VHN-103253"
},
{
"db": "VULMON",
"id": "CVE-2017-12704"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007399"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1280"
},
{
"db": "NVD",
"id": "CVE-2017-12704"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9"
},
{
"db": "CNVD",
"id": "CNVD-2017-23883"
},
{
"db": "VULHUB",
"id": "VHN-103253"
},
{
"db": "VULMON",
"id": "CVE-2017-12704"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007399"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1280"
},
{
"db": "NVD",
"id": "CVE-2017-12704"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "IVD",
"id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9"
},
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23883"
},
{
"date": "2017-08-30T00:00:00",
"db": "VULHUB",
"id": "VHN-103253"
},
{
"date": "2017-08-30T00:00:00",
"db": "VULMON",
"id": "CVE-2017-12704"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100526"
},
{
"date": "2017-09-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007399"
},
{
"date": "2017-08-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1280"
},
{
"date": "2017-08-30T18:29:00.407000",
"db": "NVD",
"id": "CVE-2017-12704"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23883"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-103253"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2017-12704"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100526"
},
{
"date": "2017-09-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007399"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1280"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-12704"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1280"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Advantech WebAccess Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007399"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1280"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1280"
}
],
"trust": 0.8
}
}
VAR-201708-1117
Vulnerability from variot - Updated: 2025-04-20 23:04An Externally Controlled Format String issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. String format specifiers based on user provided input are not properly validated, which could allow an attacker to execute arbitrary code. Advantech WebAccess Contains a format string vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple stack-based buffer-overflow vulnerabilities 2. Multiple heap-based buffer-overflow vulnerabilities. 3. Multiple memory-corruption vulnerabilities. 4. An SQL-injection vulnerability. 5. A format-string vulnerability. 6. An authentication-bypass vulnerability. 7. A security-bypass vulnerability. 8. A privilege-escalation vulnerability. 9. A remote-code execution vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database,perform certain unauthorized actions, gain unauthorized access and gain elevated privileges. This may aid in further attacks. Advantech WebAccess versions prior to V8.2_20170817 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1117",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.2"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "8.2"
},
{
"model": "webaccess",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"model": "webaccess \u003cv8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"model": "webaccess 8.2 20170817",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "446b7b63-01fd-49d1-9bc1-399f42387092"
},
{
"db": "CNVD",
"id": "CNVD-2017-23882"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007572"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1281"
},
{
"db": "NVD",
"id": "CVE-2017-12702"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007572"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fritz Sands, rgod, Tenable Network Security,an anonymous researcher all working with Trend Micro??s Zero Day Initiative, and Haojun Hou and DongWang from ADLab of Venustech.",
"sources": [
{
"db": "BID",
"id": "100526"
}
],
"trust": 0.3
},
"cve": "CVE-2017-12702",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-12702",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-23882",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "446b7b63-01fd-49d1-9bc1-399f42387092",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-103251",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-12702",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-12702",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-12702",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-23882",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1281",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "446b7b63-01fd-49d1-9bc1-399f42387092",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-103251",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "446b7b63-01fd-49d1-9bc1-399f42387092"
},
{
"db": "CNVD",
"id": "CNVD-2017-23882"
},
{
"db": "VULHUB",
"id": "VHN-103251"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007572"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1281"
},
{
"db": "NVD",
"id": "CVE-2017-12702"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An Externally Controlled Format String issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. String format specifiers based on user provided input are not properly validated, which could allow an attacker to execute arbitrary code. Advantech WebAccess Contains a format string vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple stack-based buffer-overflow vulnerabilities\n2. Multiple heap-based buffer-overflow vulnerabilities. \n3. Multiple memory-corruption vulnerabilities. \n4. An SQL-injection vulnerability. \n5. A format-string vulnerability. \n6. An authentication-bypass vulnerability. \n7. A security-bypass vulnerability. \n8. A privilege-escalation vulnerability. \n9. A remote-code execution vulnerability. \nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database,perform certain unauthorized actions, gain unauthorized access and gain elevated privileges. This may aid in further attacks. \nAdvantech WebAccess versions prior to V8.2_20170817 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12702"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007572"
},
{
"db": "CNVD",
"id": "CNVD-2017-23882"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "IVD",
"id": "446b7b63-01fd-49d1-9bc1-399f42387092"
},
{
"db": "VULHUB",
"id": "VHN-103251"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12702",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-241-02",
"trust": 3.4
},
{
"db": "BID",
"id": "100526",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1281",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-23882",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007572",
"trust": 0.8
},
{
"db": "IVD",
"id": "446B7B63-01FD-49D1-9BC1-399F42387092",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-103251",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "446b7b63-01fd-49d1-9bc1-399f42387092"
},
{
"db": "CNVD",
"id": "CNVD-2017-23882"
},
{
"db": "VULHUB",
"id": "VHN-103251"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007572"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1281"
},
{
"db": "NVD",
"id": "CVE-2017-12702"
}
]
},
"id": "VAR-201708-1117",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "446b7b63-01fd-49d1-9bc1-399f42387092"
},
{
"db": "CNVD",
"id": "CNVD-2017-23882"
},
{
"db": "VULHUB",
"id": "VHN-103251"
}
],
"trust": 1.582962455
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "446b7b63-01fd-49d1-9bc1-399f42387092"
},
{
"db": "CNVD",
"id": "CNVD-2017-23882"
}
]
},
"last_update_date": "2025-04-20T23:04:26.447000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Patch for Advantech WebAccess Arbitrary Code Execution Vulnerability (CNVD-2017-23882)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/101166"
},
{
"title": "Advantech WebAccess Fixes for formatting string vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74370"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23882"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007572"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1281"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-134",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007572"
},
{
"db": "NVD",
"id": "CVE-2017-12702"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-241-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/100526"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12702"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12702"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23882"
},
{
"db": "VULHUB",
"id": "VHN-103251"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007572"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1281"
},
{
"db": "NVD",
"id": "CVE-2017-12702"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "446b7b63-01fd-49d1-9bc1-399f42387092"
},
{
"db": "CNVD",
"id": "CNVD-2017-23882"
},
{
"db": "VULHUB",
"id": "VHN-103251"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007572"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1281"
},
{
"db": "NVD",
"id": "CVE-2017-12702"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "IVD",
"id": "446b7b63-01fd-49d1-9bc1-399f42387092"
},
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23882"
},
{
"date": "2017-08-30T00:00:00",
"db": "VULHUB",
"id": "VHN-103251"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100526"
},
{
"date": "2017-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007572"
},
{
"date": "2017-08-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1281"
},
{
"date": "2017-08-30T18:29:00.360000",
"db": "NVD",
"id": "CVE-2017-12702"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23882"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-103251"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100526"
},
{
"date": "2017-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007572"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1281"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-12702"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1281"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Advantech WebAccess Vulnerabilities related to format strings",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007572"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Format string error",
"sources": [
{
"db": "IVD",
"id": "446b7b63-01fd-49d1-9bc1-399f42387092"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1281"
}
],
"trust": 0.8
}
}
VAR-201708-1126
Vulnerability from variot - Updated: 2025-04-20 23:04An Incorrect Permission Assignment for Critical Resource issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Multiple files and folders with ACLs that affect other users are allowed to be modified by non-administrator accounts. Advantech WebAccess Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows local attackers to escalate privilege on vulnerable installations of Advantech WebAccess. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the access control that is set and modified during the installation of the product. The product installation weakens access control restrictions of pre-existing system files and sets weak access control restrictions on new files. An attacker can leverage this vulnerability to execute arbitrary code under the context of Administrator, the IUSR account, or SYSTEM. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple stack-based buffer-overflow vulnerabilities 2. Multiple heap-based buffer-overflow vulnerabilities. 3. Multiple memory-corruption vulnerabilities. 4. An SQL-injection vulnerability. 5. A format-string vulnerability. 6. An authentication-bypass vulnerability. 7. A security-bypass vulnerability. 8. A privilege-escalation vulnerability. 9. A remote-code execution vulnerability. This may aid in further attacks. Advantech WebAccess versions prior to V8.2_20170817 are vulnerable
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.2"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "8.2"
},
{
"_id": null,
"model": "webaccess",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess \u003cv8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"_id": null,
"model": "webaccess 8.2 20170817",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "2f47a910-cf77-46d0-b79d-4a34cb7b5c3f"
},
{
"db": "ZDI",
"id": "ZDI-17-713"
},
{
"db": "CNVD",
"id": "CNVD-2017-23880"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007577"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1275"
},
{
"db": "NVD",
"id": "CVE-2017-12713"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007577"
}
]
},
"credits": {
"_id": null,
"data": "Fritz Sands - Trend Micro Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-713"
}
],
"trust": 0.7
},
"cve": "CVE-2017-12713",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2017-12713",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-12713",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-23880",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "2f47a910-cf77-46d0-b79d-4a34cb7b5c3f",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-103263",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2017-12713",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-12713",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-12713",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2017-12713",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-23880",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1275",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "2f47a910-cf77-46d0-b79d-4a34cb7b5c3f",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-103263",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "2f47a910-cf77-46d0-b79d-4a34cb7b5c3f"
},
{
"db": "ZDI",
"id": "ZDI-17-713"
},
{
"db": "CNVD",
"id": "CNVD-2017-23880"
},
{
"db": "VULHUB",
"id": "VHN-103263"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007577"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1275"
},
{
"db": "NVD",
"id": "CVE-2017-12713"
}
]
},
"description": {
"_id": null,
"data": "An Incorrect Permission Assignment for Critical Resource issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Multiple files and folders with ACLs that affect other users are allowed to be modified by non-administrator accounts. Advantech WebAccess Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows local attackers to escalate privilege on vulnerable installations of Advantech WebAccess. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the access control that is set and modified during the installation of the product. The product installation weakens access control restrictions of pre-existing system files and sets weak access control restrictions on new files. An attacker can leverage this vulnerability to execute arbitrary code under the context of Administrator, the IUSR account, or SYSTEM. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple stack-based buffer-overflow vulnerabilities\n2. Multiple heap-based buffer-overflow vulnerabilities. \n3. Multiple memory-corruption vulnerabilities. \n4. An SQL-injection vulnerability. \n5. A format-string vulnerability. \n6. An authentication-bypass vulnerability. \n7. A security-bypass vulnerability. \n8. A privilege-escalation vulnerability. \n9. A remote-code execution vulnerability. This may aid in further attacks. \nAdvantech WebAccess versions prior to V8.2_20170817 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12713"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007577"
},
{
"db": "ZDI",
"id": "ZDI-17-713"
},
{
"db": "CNVD",
"id": "CNVD-2017-23880"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "IVD",
"id": "2f47a910-cf77-46d0-b79d-4a34cb7b5c3f"
},
{
"db": "VULHUB",
"id": "VHN-103263"
}
],
"trust": 3.33
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-12713",
"trust": 4.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-241-02",
"trust": 3.4
},
{
"db": "BID",
"id": "100526",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1275",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-23880",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007577",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4897",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-17-713",
"trust": 0.7
},
{
"db": "IVD",
"id": "2F47A910-CF77-46D0-B79D-4A34CB7B5C3F",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-103263",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "2f47a910-cf77-46d0-b79d-4a34cb7b5c3f"
},
{
"db": "ZDI",
"id": "ZDI-17-713"
},
{
"db": "CNVD",
"id": "CNVD-2017-23880"
},
{
"db": "VULHUB",
"id": "VHN-103263"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007577"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1275"
},
{
"db": "NVD",
"id": "CVE-2017-12713"
}
]
},
"id": "VAR-201708-1126",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "2f47a910-cf77-46d0-b79d-4a34cb7b5c3f"
},
{
"db": "CNVD",
"id": "CNVD-2017-23880"
},
{
"db": "VULHUB",
"id": "VHN-103263"
}
],
"trust": 1.582962455
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "2f47a910-cf77-46d0-b79d-4a34cb7b5c3f"
},
{
"db": "CNVD",
"id": "CNVD-2017-23880"
}
]
},
"last_update_date": "2025-04-20T23:04:26.403000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-241-02"
},
{
"title": "Advantech WebAccess is not authorized to patch vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/101164"
},
{
"title": "Advantech WebAccess Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74364"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-713"
},
{
"db": "CNVD",
"id": "CNVD-2017-23880"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007577"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1275"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-732",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-103263"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007577"
},
{
"db": "NVD",
"id": "CVE-2017-12713"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 4.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-241-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/100526"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12713"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12713"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-713"
},
{
"db": "CNVD",
"id": "CNVD-2017-23880"
},
{
"db": "VULHUB",
"id": "VHN-103263"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007577"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1275"
},
{
"db": "NVD",
"id": "CVE-2017-12713"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "2f47a910-cf77-46d0-b79d-4a34cb7b5c3f",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-17-713",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2017-23880",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-103263",
"ident": null
},
{
"db": "BID",
"id": "100526",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007577",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1275",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-12713",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "IVD",
"id": "2f47a910-cf77-46d0-b79d-4a34cb7b5c3f",
"ident": null
},
{
"date": "2017-08-30T00:00:00",
"db": "ZDI",
"id": "ZDI-17-713",
"ident": null
},
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23880",
"ident": null
},
{
"date": "2017-08-30T00:00:00",
"db": "VULHUB",
"id": "VHN-103263",
"ident": null
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100526",
"ident": null
},
{
"date": "2017-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007577",
"ident": null
},
{
"date": "2017-08-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1275",
"ident": null
},
{
"date": "2017-08-30T18:29:00.967000",
"db": "NVD",
"id": "CVE-2017-12713",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "ZDI",
"id": "ZDI-17-713",
"ident": null
},
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23880",
"ident": null
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-103263",
"ident": null
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100526",
"ident": null
},
{
"date": "2017-12-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007577",
"ident": null
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1275",
"ident": null
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-12713",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1275"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess Vulnerabilities related to authorization, permissions, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007577"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1275"
}
],
"trust": 0.6
}
}
VAR-201708-1124
Vulnerability from variot - Updated: 2025-04-20 23:04A SQL Injection issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. By submitting a specially crafted parameter, it is possible to inject arbitrary SQL statements that could allow an attacker to obtain sensitive information. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability, but can be easily bypassed.The specific flaw exists within rmTemplate.aspx. The vulnerability is caused by lack of input validation before using a remotely supplied string to construct SQL queries. An attacker can use this vulnerability to disclose passwords of administrative accounts used by Advantech WebAccess. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple stack-based buffer-overflow vulnerabilities 2. Multiple heap-based buffer-overflow vulnerabilities. 3. Multiple memory-corruption vulnerabilities. 4. An SQL-injection vulnerability. 5. A format-string vulnerability. 6. An authentication-bypass vulnerability. 7. A security-bypass vulnerability. 8. A privilege-escalation vulnerability. 9. A remote-code execution vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database,perform certain unauthorized actions, gain unauthorized access and gain elevated privileges. This may aid in further attacks. Advantech WebAccess versions prior to V8.2_20170817 are vulnerable
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.2"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.9,
"vendor": "advantech",
"version": "8.2"
},
{
"_id": null,
"model": "webaccess",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess \u003cv8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess 8.2 20170330",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess 8.1 20160519",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess 8.0 20150816",
"scope": null,
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"_id": null,
"model": "webaccess 8.2 20170817",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "526eff5a-fc92-4271-a592-23146544e85e"
},
{
"db": "ZDI",
"id": "ZDI-17-712"
},
{
"db": "CNVD",
"id": "CNVD-2017-23886"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007575"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1277"
},
{
"db": "NVD",
"id": "CVE-2017-12710"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007575"
}
]
},
"credits": {
"_id": null,
"data": "Tenable Network Security",
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-712"
}
],
"trust": 0.7
},
"cve": "CVE-2017-12710",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-12710",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-12710",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-23886",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "526eff5a-fc92-4271-a592-23146544e85e",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-103260",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-12710",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-12710",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-12710",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2017-12710",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-23886",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1277",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "526eff5a-fc92-4271-a592-23146544e85e",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-103260",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "526eff5a-fc92-4271-a592-23146544e85e"
},
{
"db": "ZDI",
"id": "ZDI-17-712"
},
{
"db": "CNVD",
"id": "CNVD-2017-23886"
},
{
"db": "VULHUB",
"id": "VHN-103260"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007575"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1277"
},
{
"db": "NVD",
"id": "CVE-2017-12710"
}
]
},
"description": {
"_id": null,
"data": "A SQL Injection issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. By submitting a specially crafted parameter, it is possible to inject arbitrary SQL statements that could allow an attacker to obtain sensitive information. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability, but can be easily bypassed.The specific flaw exists within rmTemplate.aspx. The vulnerability is caused by lack of input validation before using a remotely supplied string to construct SQL queries. An attacker can use this vulnerability to disclose passwords of administrative accounts used by Advantech WebAccess. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple stack-based buffer-overflow vulnerabilities\n2. Multiple heap-based buffer-overflow vulnerabilities. \n3. Multiple memory-corruption vulnerabilities. \n4. An SQL-injection vulnerability. \n5. A format-string vulnerability. \n6. An authentication-bypass vulnerability. \n7. A security-bypass vulnerability. \n8. A privilege-escalation vulnerability. \n9. A remote-code execution vulnerability. \nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database,perform certain unauthorized actions, gain unauthorized access and gain elevated privileges. This may aid in further attacks. \nAdvantech WebAccess versions prior to V8.2_20170817 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12710"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007575"
},
{
"db": "ZDI",
"id": "ZDI-17-712"
},
{
"db": "CNVD",
"id": "CNVD-2017-23886"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "IVD",
"id": "526eff5a-fc92-4271-a592-23146544e85e"
},
{
"db": "VULHUB",
"id": "VHN-103260"
}
],
"trust": 3.33
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-12710",
"trust": 4.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-241-02",
"trust": 3.4
},
{
"db": "ZDI",
"id": "ZDI-17-712",
"trust": 1.8
},
{
"db": "BID",
"id": "100526",
"trust": 1.4
},
{
"db": "TENABLE",
"id": "TRA-2017-29",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1277",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-23886",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007575",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4548",
"trust": 0.7
},
{
"db": "IVD",
"id": "526EFF5A-FC92-4271-A592-23146544E85E",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-103260",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "526eff5a-fc92-4271-a592-23146544e85e"
},
{
"db": "ZDI",
"id": "ZDI-17-712"
},
{
"db": "CNVD",
"id": "CNVD-2017-23886"
},
{
"db": "VULHUB",
"id": "VHN-103260"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007575"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1277"
},
{
"db": "NVD",
"id": "CVE-2017-12710"
}
]
},
"id": "VAR-201708-1124",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "526eff5a-fc92-4271-a592-23146544e85e"
},
{
"db": "CNVD",
"id": "CNVD-2017-23886"
},
{
"db": "VULHUB",
"id": "VHN-103260"
}
],
"trust": 1.582962455
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "526eff5a-fc92-4271-a592-23146544e85e"
},
{
"db": "CNVD",
"id": "CNVD-2017-23886"
}
]
},
"last_update_date": "2025-04-20T23:04:26.358000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-241-02"
},
{
"title": "Patch for Advantech WebAccess SQL Injection Vulnerability (CNVD-2017-23886)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/101170"
},
{
"title": "Advantech WebAccess SQL Repair measures for injecting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74366"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-712"
},
{
"db": "CNVD",
"id": "CNVD-2017-23886"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007575"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1277"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-89",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-103260"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007575"
},
{
"db": "NVD",
"id": "CVE-2017-12710"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 4.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-241-02"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/100526"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-17-712/"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/research/tra-2017-29"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12710"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12710"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-712"
},
{
"db": "CNVD",
"id": "CNVD-2017-23886"
},
{
"db": "VULHUB",
"id": "VHN-103260"
},
{
"db": "BID",
"id": "100526"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007575"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1277"
},
{
"db": "NVD",
"id": "CVE-2017-12710"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "526eff5a-fc92-4271-a592-23146544e85e",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-17-712",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2017-23886",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-103260",
"ident": null
},
{
"db": "BID",
"id": "100526",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007575",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1277",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-12710",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "IVD",
"id": "526eff5a-fc92-4271-a592-23146544e85e",
"ident": null
},
{
"date": "2017-08-30T00:00:00",
"db": "ZDI",
"id": "ZDI-17-712",
"ident": null
},
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23886",
"ident": null
},
{
"date": "2017-08-30T00:00:00",
"db": "VULHUB",
"id": "VHN-103260",
"ident": null
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100526",
"ident": null
},
{
"date": "2017-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007575",
"ident": null
},
{
"date": "2017-08-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1277",
"ident": null
},
{
"date": "2017-08-30T18:29:00.657000",
"db": "NVD",
"id": "CVE-2017-12710",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "ZDI",
"id": "ZDI-17-712",
"ident": null
},
{
"date": "2017-09-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23886",
"ident": null
},
{
"date": "2017-11-10T00:00:00",
"db": "VULHUB",
"id": "VHN-103260",
"ident": null
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100526",
"ident": null
},
{
"date": "2017-12-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007575",
"ident": null
},
{
"date": "2017-08-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1277",
"ident": null
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-12710",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1277"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess In SQL Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007575"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "SQL injection",
"sources": [
{
"db": "IVD",
"id": "526eff5a-fc92-4271-a592-23146544e85e"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1277"
}
],
"trust": 0.8
}
}
VAR-201601-0041
Vulnerability from variot - Updated: 2025-04-13 23:03Integer overflow in the Kernel service in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted RPC request. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x791E IOCTL in the Kernel subsystem. An integer overflow for alloc size vulnerability exists. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems. Advantech WebAccess is prone to following security vulnerabilities: 1. A denial-of-service vulnerability 2. An arbitrary file-upload vulnerability 3. A directory-traversal vulnerability 4. Multiple stack-based buffer-overflow vulnerabilities 5. Multiple buffer-overflow vulnerabilities 7. Multiple information disclosure vulnerabilities 8. A cross-site scripting vulnerability 9. An SQL-injection vulnerability 10. A cross-site request forgery vulnerability 11. This may aid in further attacks. Advantech WebAccess 8.0 and prior versions are vulnerable. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": "lt",
"trust": 1.4,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.0"
},
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "7.2"
},
{
"_id": null,
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "64d2d7a8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-104"
},
{
"db": "CNVD",
"id": "CNVD-2016-00437"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001289"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-332"
},
{
"db": "NVD",
"id": "CVE-2016-0859"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001289"
}
]
},
"credits": {
"_id": null,
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-104"
}
],
"trust": 0.7
},
"cve": "CVE-2016-0859",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-0859",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0859",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-00437",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "64d2d7a8-2351-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-88369",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-0859",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0859",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-0859",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2016-0859",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-00437",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-332",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "64d2d7a8-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-88369",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "64d2d7a8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-104"
},
{
"db": "CNVD",
"id": "CNVD-2016-00437"
},
{
"db": "VULHUB",
"id": "VHN-88369"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001289"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-332"
},
{
"db": "NVD",
"id": "CVE-2016-0859"
}
]
},
"description": {
"_id": null,
"data": "Integer overflow in the Kernel service in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted RPC request. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x791E IOCTL in the Kernel subsystem. An integer overflow for alloc size vulnerability exists. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems. Advantech WebAccess is prone to following security vulnerabilities:\n1. A denial-of-service vulnerability\n2. An arbitrary file-upload vulnerability\n3. A directory-traversal vulnerability\n4. Multiple stack-based buffer-overflow vulnerabilities\n5. Multiple buffer-overflow vulnerabilities\n7. Multiple information disclosure vulnerabilities\n8. A cross-site scripting vulnerability\n9. An SQL-injection vulnerability\n10. A cross-site request forgery vulnerability\n11. This may aid in further attacks. \nAdvantech WebAccess 8.0 and prior versions are vulnerable. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0859"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001289"
},
{
"db": "ZDI",
"id": "ZDI-16-104"
},
{
"db": "CNVD",
"id": "CNVD-2016-00437"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "IVD",
"id": "64d2d7a8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-88369"
}
],
"trust": 3.33
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2016-0859",
"trust": 4.3
},
{
"db": "ICS CERT",
"id": "ICSA-16-014-01",
"trust": 3.4
},
{
"db": "ZDI",
"id": "ZDI-16-104",
"trust": 1.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-332",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2016-00437",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001289",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3197",
"trust": 0.7
},
{
"db": "BID",
"id": "80745",
"trust": 0.3
},
{
"db": "IVD",
"id": "64D2D7A8-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-88369",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "64d2d7a8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-104"
},
{
"db": "CNVD",
"id": "CNVD-2016-00437"
},
{
"db": "VULHUB",
"id": "VHN-88369"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001289"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-332"
},
{
"db": "NVD",
"id": "CVE-2016-0859"
}
]
},
"id": "VAR-201601-0041",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "64d2d7a8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00437"
},
{
"db": "VULHUB",
"id": "VHN-88369"
}
],
"trust": 1.33470696
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "64d2d7a8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00437"
}
]
},
"last_update_date": "2025-04-13T23:03:17.182000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01"
},
{
"title": "Patch for Advantech WebAccess Integer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/70381"
},
{
"title": "Advantech WebAccess Kernel Fixes for serving integer overflow vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59650"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-104"
},
{
"db": "CNVD",
"id": "CNVD-2016-00437"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001289"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-332"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-189",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88369"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001289"
},
{
"db": "NVD",
"id": "CVE-2016-0859"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 4.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-014-01"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0859"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-104"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0859"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-104"
},
{
"db": "CNVD",
"id": "CNVD-2016-00437"
},
{
"db": "VULHUB",
"id": "VHN-88369"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001289"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-332"
},
{
"db": "NVD",
"id": "CVE-2016-0859"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "64d2d7a8-2351-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-104",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2016-00437",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-88369",
"ident": null
},
{
"db": "BID",
"id": "80745",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001289",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201601-332",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2016-0859",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2016-01-25T00:00:00",
"db": "IVD",
"id": "64d2d7a8-2351-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-104",
"ident": null
},
{
"date": "2016-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00437",
"ident": null
},
{
"date": "2016-01-15T00:00:00",
"db": "VULHUB",
"id": "VHN-88369",
"ident": null
},
{
"date": "2016-01-14T00:00:00",
"db": "BID",
"id": "80745",
"ident": null
},
{
"date": "2016-01-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001289",
"ident": null
},
{
"date": "2016-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-332",
"ident": null
},
{
"date": "2016-01-15T03:59:21.030000",
"db": "NVD",
"id": "CVE-2016-0859",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-104",
"ident": null
},
{
"date": "2016-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00437",
"ident": null
},
{
"date": "2016-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-88369",
"ident": null
},
{
"date": "2016-01-14T00:00:00",
"db": "BID",
"id": "80745",
"ident": null
},
{
"date": "2016-01-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001289",
"ident": null
},
{
"date": "2016-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-332",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-0859",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-332"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess Kernel service integer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001289"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-332"
}
],
"trust": 1.4
},
"type": {
"_id": null,
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-332"
}
],
"trust": 0.6
}
}
VAR-201601-0036
Vulnerability from variot - Updated: 2025-04-13 23:03Unrestricted file upload vulnerability in the uploadImageCommon function in the UploadAjaxAction script in the WebAccess Dashboard Viewer in Advantech WebAccess before 8.1 allows remote attackers to write to files of arbitrary types via unspecified vectors. Advantech WebAccess Contains a vulnerability where an unlimited number of files can be uploaded and written to any type of file. http://cwe.mitre.org/data/definitions/434.htmlIt may be written to any type of file by a third party. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the FileUpload script allows unauthenticated callers to upload arbitrary code to directories in the server where the code can be automatically executed under the high-privilege context of the IIS AppPool. An attacker can leverage this vulnerability to execute arbitrary code under the context of SYSTEM. Advantech WebAccess HMI/SCADA software provides remote control and management. Advantech WebAccess is prone to following security vulnerabilities: 1. A denial-of-service vulnerability 2. An arbitrary file-upload vulnerability 3. A directory-traversal vulnerability 4. Multiple stack-based buffer-overflow vulnerabilities 5. A heap-based buffer overflow vulnerability 6. Multiple buffer-overflow vulnerabilities 7. Multiple information disclosure vulnerabilities 8. A cross-site scripting vulnerability 9. An SQL-injection vulnerability 10. A remote-code execution vulnerability An attacker can exploit these issues to execute arbitrary code in the context of the application, cause a denial-of-service condition, upload arbitrary files, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, to use directory-traversal sequences ('../') to retrieve arbitrary files, obtain sensitive information and perform certain unauthorized actions. This may aid in further attacks. Advantech WebAccess 8.0 and prior versions are vulnerable. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 2.1,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lt",
"trust": 1.4,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "7.2"
},
{
"_id": null,
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "64d9c0a4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-127"
},
{
"db": "ZDI",
"id": "ZDI-16-129"
},
{
"db": "ZDI",
"id": "ZDI-16-128"
},
{
"db": "CNVD",
"id": "CNVD-2016-00390"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001284"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-327"
},
{
"db": "NVD",
"id": "CVE-2016-0854"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001284"
}
]
},
"credits": {
"_id": null,
"data": "rgod",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-127"
},
{
"db": "ZDI",
"id": "ZDI-16-129"
},
{
"db": "ZDI",
"id": "ZDI-16-128"
}
],
"trust": 2.1
},
"cve": "CVE-2016-0854",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-0854",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 4.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-00390",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "64d9c0a4-2351-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-88364",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-0854",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2016-0854",
"trust": 2.1,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0854",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-0854",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-00390",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-327",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "64d9c0a4-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-88364",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0854",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "64d9c0a4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-127"
},
{
"db": "ZDI",
"id": "ZDI-16-129"
},
{
"db": "ZDI",
"id": "ZDI-16-128"
},
{
"db": "CNVD",
"id": "CNVD-2016-00390"
},
{
"db": "VULHUB",
"id": "VHN-88364"
},
{
"db": "VULMON",
"id": "CVE-2016-0854"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001284"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-327"
},
{
"db": "NVD",
"id": "CVE-2016-0854"
}
]
},
"description": {
"_id": null,
"data": "Unrestricted file upload vulnerability in the uploadImageCommon function in the UploadAjaxAction script in the WebAccess Dashboard Viewer in Advantech WebAccess before 8.1 allows remote attackers to write to files of arbitrary types via unspecified vectors. Advantech WebAccess Contains a vulnerability where an unlimited number of files can be uploaded and written to any type of file. http://cwe.mitre.org/data/definitions/434.htmlIt may be written to any type of file by a third party. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the FileUpload script allows unauthenticated callers to upload arbitrary code to directories in the server where the code can be automatically executed under the high-privilege context of the IIS AppPool. An attacker can leverage this vulnerability to execute arbitrary code under the context of SYSTEM. Advantech WebAccess HMI/SCADA software provides remote control and management. Advantech WebAccess is prone to following security vulnerabilities:\n1. A denial-of-service vulnerability\n2. An arbitrary file-upload vulnerability\n3. A directory-traversal vulnerability\n4. Multiple stack-based buffer-overflow vulnerabilities\n5. A heap-based buffer overflow vulnerability\n6. Multiple buffer-overflow vulnerabilities\n7. Multiple information disclosure vulnerabilities\n8. A cross-site scripting vulnerability\n9. An SQL-injection vulnerability\n10. A remote-code execution vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, cause a denial-of-service condition, upload arbitrary files, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, to use directory-traversal sequences (\u0027../\u0027) to retrieve arbitrary files, obtain sensitive information and perform certain unauthorized actions. This may aid in further attacks. \nAdvantech WebAccess 8.0 and prior versions are vulnerable. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0854"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001284"
},
{
"db": "ZDI",
"id": "ZDI-16-127"
},
{
"db": "ZDI",
"id": "ZDI-16-129"
},
{
"db": "ZDI",
"id": "ZDI-16-128"
},
{
"db": "CNVD",
"id": "CNVD-2016-00390"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "IVD",
"id": "64d9c0a4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-88364"
},
{
"db": "VULMON",
"id": "CVE-2016-0854"
}
],
"trust": 4.68
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-88364",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=39735",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88364"
},
{
"db": "VULMON",
"id": "CVE-2016-0854"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2016-0854",
"trust": 5.8
},
{
"db": "ICS CERT",
"id": "ICSA-16-014-01",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-16-127",
"trust": 1.9
},
{
"db": "ZDI",
"id": "ZDI-16-129",
"trust": 1.9
},
{
"db": "ZDI",
"id": "ZDI-16-128",
"trust": 1.9
},
{
"db": "EXPLOIT-DB",
"id": "39735",
"trust": 1.2
},
{
"db": "CNNVD",
"id": "CNNVD-201601-327",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2016-00390",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001284",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3127",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3128",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3126",
"trust": 0.7
},
{
"db": "BID",
"id": "80745",
"trust": 0.3
},
{
"db": "IVD",
"id": "64D9C0A4-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "136769",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-88364",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0854",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "64d9c0a4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-127"
},
{
"db": "ZDI",
"id": "ZDI-16-129"
},
{
"db": "ZDI",
"id": "ZDI-16-128"
},
{
"db": "CNVD",
"id": "CNVD-2016-00390"
},
{
"db": "VULHUB",
"id": "VHN-88364"
},
{
"db": "VULMON",
"id": "CVE-2016-0854"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001284"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-327"
},
{
"db": "NVD",
"id": "CVE-2016-0854"
}
]
},
"id": "VAR-201601-0036",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "64d9c0a4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00390"
},
{
"db": "VULHUB",
"id": "VHN-88364"
}
],
"trust": 1.33470696
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "64d9c0a4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00390"
}
]
},
"last_update_date": "2025-04-13T23:03:17.120000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 2.1,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01"
},
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Patch for Advantech WebAccess File Upload Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/70314"
},
{
"title": "Advantech WebAccess Fixes for any file upload vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59645"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-127"
},
{
"db": "ZDI",
"id": "ZDI-16-129"
},
{
"db": "ZDI",
"id": "ZDI-16-128"
},
{
"db": "CNVD",
"id": "CNVD-2016-00390"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001284"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-327"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001284"
},
{
"db": "NVD",
"id": "CVE-2016-0854"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 5.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-014-01"
},
{
"trust": 1.3,
"url": "https://www.exploit-db.com/exploits/39735/"
},
{
"trust": 1.3,
"url": "http://www.rapid7.com/db/modules/exploit/windows/scada/advantech_webaccess_dashboard_file_upload"
},
{
"trust": 1.2,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-127"
},
{
"trust": 1.2,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-128"
},
{
"trust": 1.2,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-129"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0854"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0854"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-127"
},
{
"db": "ZDI",
"id": "ZDI-16-129"
},
{
"db": "ZDI",
"id": "ZDI-16-128"
},
{
"db": "CNVD",
"id": "CNVD-2016-00390"
},
{
"db": "VULHUB",
"id": "VHN-88364"
},
{
"db": "VULMON",
"id": "CVE-2016-0854"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001284"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-327"
},
{
"db": "NVD",
"id": "CVE-2016-0854"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "64d9c0a4-2351-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-127",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-129",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-128",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2016-00390",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-88364",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2016-0854",
"ident": null
},
{
"db": "BID",
"id": "80745",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001284",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201601-327",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2016-0854",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2016-01-21T00:00:00",
"db": "IVD",
"id": "64d9c0a4-2351-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-127",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-129",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-128",
"ident": null
},
{
"date": "2016-01-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00390",
"ident": null
},
{
"date": "2016-01-15T00:00:00",
"db": "VULHUB",
"id": "VHN-88364",
"ident": null
},
{
"date": "2016-01-15T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0854",
"ident": null
},
{
"date": "2016-01-14T00:00:00",
"db": "BID",
"id": "80745",
"ident": null
},
{
"date": "2016-01-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001284",
"ident": null
},
{
"date": "2016-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-327",
"ident": null
},
{
"date": "2016-01-15T03:59:16.407000",
"db": "NVD",
"id": "CVE-2016-0854",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-127",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-129",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-128",
"ident": null
},
{
"date": "2016-01-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00390",
"ident": null
},
{
"date": "2016-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-88364",
"ident": null
},
{
"date": "2016-12-03T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0854",
"ident": null
},
{
"date": "2016-01-14T00:00:00",
"db": "BID",
"id": "80745",
"ident": null
},
{
"date": "2016-01-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001284",
"ident": null
},
{
"date": "2016-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-327",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-0854",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-327"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess File upload vulnerability",
"sources": [
{
"db": "IVD",
"id": "64d9c0a4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00390"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-327"
}
],
"trust": 0.6
}
}
VAR-201601-0037
Vulnerability from variot - Updated: 2025-04-13 23:03Directory traversal vulnerability in Advantech WebAccess before 8.1 allows remote attackers to list arbitrary virtual-directory files via unspecified vectors. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the removeFile script allows unauthenticated callers to remove key system files, blocking WebAccess for all users. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems. Advantech WebAccess is prone to following security vulnerabilities: 1. A denial-of-service vulnerability 2. An arbitrary file-upload vulnerability 3. A directory-traversal vulnerability 4. Multiple stack-based buffer-overflow vulnerabilities 5. A heap-based buffer overflow vulnerability 6. Multiple buffer-overflow vulnerabilities 7. Multiple information disclosure vulnerabilities 8. A cross-site scripting vulnerability 9. An SQL-injection vulnerability 10. A remote-code execution vulnerability An attacker can exploit these issues to execute arbitrary code in the context of the application, cause a denial-of-service condition, upload arbitrary files, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, to use directory-traversal sequences ('../') to retrieve arbitrary files, obtain sensitive information and perform certain unauthorized actions. This may aid in further attacks. Advantech WebAccess 8.0 and prior versions are vulnerable. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 3.5,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lt",
"trust": 1.4,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "7.2"
},
{
"_id": null,
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "64dacb3e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-125"
},
{
"db": "ZDI",
"id": "ZDI-16-122"
},
{
"db": "ZDI",
"id": "ZDI-16-126"
},
{
"db": "ZDI",
"id": "ZDI-16-124"
},
{
"db": "ZDI",
"id": "ZDI-16-123"
},
{
"db": "CNVD",
"id": "CNVD-2016-00431"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001285"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-328"
},
{
"db": "NVD",
"id": "CVE-2016-0855"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001285"
}
]
},
"credits": {
"_id": null,
"data": "rgod",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-125"
},
{
"db": "ZDI",
"id": "ZDI-16-122"
},
{
"db": "ZDI",
"id": "ZDI-16-124"
},
{
"db": "ZDI",
"id": "ZDI-16-123"
}
],
"trust": 2.8
},
"cve": "CVE-2016-0855",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-0855",
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 2.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2016-0855",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-0855",
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-00431",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "64dacb3e-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-88365",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-0855",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2016-0855",
"trust": 3.5,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0855",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-0855",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-00431",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-328",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "64dacb3e-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-88365",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "64dacb3e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-125"
},
{
"db": "ZDI",
"id": "ZDI-16-122"
},
{
"db": "ZDI",
"id": "ZDI-16-126"
},
{
"db": "ZDI",
"id": "ZDI-16-124"
},
{
"db": "ZDI",
"id": "ZDI-16-123"
},
{
"db": "CNVD",
"id": "CNVD-2016-00431"
},
{
"db": "VULHUB",
"id": "VHN-88365"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001285"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-328"
},
{
"db": "NVD",
"id": "CVE-2016-0855"
}
]
},
"description": {
"_id": null,
"data": "Directory traversal vulnerability in Advantech WebAccess before 8.1 allows remote attackers to list arbitrary virtual-directory files via unspecified vectors. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the removeFile script allows unauthenticated callers to remove key system files, blocking WebAccess for all users. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems. Advantech WebAccess is prone to following security vulnerabilities:\n1. A denial-of-service vulnerability\n2. An arbitrary file-upload vulnerability\n3. A directory-traversal vulnerability\n4. Multiple stack-based buffer-overflow vulnerabilities\n5. A heap-based buffer overflow vulnerability\n6. Multiple buffer-overflow vulnerabilities\n7. Multiple information disclosure vulnerabilities\n8. A cross-site scripting vulnerability\n9. An SQL-injection vulnerability\n10. A remote-code execution vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, cause a denial-of-service condition, upload arbitrary files, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, to use directory-traversal sequences (\u0027../\u0027) to retrieve arbitrary files, obtain sensitive information and perform certain unauthorized actions. This may aid in further attacks. \nAdvantech WebAccess 8.0 and prior versions are vulnerable. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0855"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001285"
},
{
"db": "ZDI",
"id": "ZDI-16-125"
},
{
"db": "ZDI",
"id": "ZDI-16-122"
},
{
"db": "ZDI",
"id": "ZDI-16-126"
},
{
"db": "ZDI",
"id": "ZDI-16-124"
},
{
"db": "ZDI",
"id": "ZDI-16-123"
},
{
"db": "CNVD",
"id": "CNVD-2016-00431"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "IVD",
"id": "64dacb3e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-88365"
}
],
"trust": 5.85
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2016-0855",
"trust": 7.1
},
{
"db": "ICS CERT",
"id": "ICSA-16-014-01",
"trust": 2.8
},
{
"db": "ZDI",
"id": "ZDI-16-125",
"trust": 1.8
},
{
"db": "ZDI",
"id": "ZDI-16-122",
"trust": 1.8
},
{
"db": "ZDI",
"id": "ZDI-16-126",
"trust": 1.8
},
{
"db": "ZDI",
"id": "ZDI-16-124",
"trust": 1.8
},
{
"db": "ZDI",
"id": "ZDI-16-123",
"trust": 1.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-328",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2016-00431",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001285",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3129",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3132",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3133",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3130",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3131",
"trust": 0.7
},
{
"db": "BID",
"id": "80745",
"trust": 0.3
},
{
"db": "IVD",
"id": "64DACB3E-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-88365",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "64dacb3e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-125"
},
{
"db": "ZDI",
"id": "ZDI-16-122"
},
{
"db": "ZDI",
"id": "ZDI-16-126"
},
{
"db": "ZDI",
"id": "ZDI-16-124"
},
{
"db": "ZDI",
"id": "ZDI-16-123"
},
{
"db": "CNVD",
"id": "CNVD-2016-00431"
},
{
"db": "VULHUB",
"id": "VHN-88365"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001285"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-328"
},
{
"db": "NVD",
"id": "CVE-2016-0855"
}
]
},
"id": "VAR-201601-0037",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "64dacb3e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00431"
},
{
"db": "VULHUB",
"id": "VHN-88365"
}
],
"trust": 1.33470696
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "64dacb3e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00431"
}
]
},
"last_update_date": "2025-04-13T23:03:17.053000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 3.5,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01"
},
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Advantech WebAccess Directory Traversal Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/70377"
},
{
"title": "Advantech WebAccess Fixes for directory traversal vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59646"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-125"
},
{
"db": "ZDI",
"id": "ZDI-16-122"
},
{
"db": "ZDI",
"id": "ZDI-16-126"
},
{
"db": "ZDI",
"id": "ZDI-16-124"
},
{
"db": "ZDI",
"id": "ZDI-16-123"
},
{
"db": "CNVD",
"id": "CNVD-2016-00431"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001285"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-328"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88365"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001285"
},
{
"db": "NVD",
"id": "CVE-2016-0855"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 6.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-014-01"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0855"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-122"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-123"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-124"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-125"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-126"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0855"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-125"
},
{
"db": "ZDI",
"id": "ZDI-16-122"
},
{
"db": "ZDI",
"id": "ZDI-16-126"
},
{
"db": "ZDI",
"id": "ZDI-16-124"
},
{
"db": "ZDI",
"id": "ZDI-16-123"
},
{
"db": "CNVD",
"id": "CNVD-2016-00431"
},
{
"db": "VULHUB",
"id": "VHN-88365"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001285"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-328"
},
{
"db": "NVD",
"id": "CVE-2016-0855"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "64dacb3e-2351-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-125",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-122",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-126",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-124",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-123",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2016-00431",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-88365",
"ident": null
},
{
"db": "BID",
"id": "80745",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001285",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201601-328",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2016-0855",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2016-01-25T00:00:00",
"db": "IVD",
"id": "64dacb3e-2351-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-125",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-122",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-126",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-124",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-123",
"ident": null
},
{
"date": "2016-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00431",
"ident": null
},
{
"date": "2016-01-15T00:00:00",
"db": "VULHUB",
"id": "VHN-88365",
"ident": null
},
{
"date": "2016-01-14T00:00:00",
"db": "BID",
"id": "80745",
"ident": null
},
{
"date": "2016-01-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001285",
"ident": null
},
{
"date": "2016-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-328",
"ident": null
},
{
"date": "2016-01-15T03:59:17.357000",
"db": "NVD",
"id": "CVE-2016-0855",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-125",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-122",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-126",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-124",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-123",
"ident": null
},
{
"date": "2016-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00431",
"ident": null
},
{
"date": "2016-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-88365",
"ident": null
},
{
"date": "2016-01-14T00:00:00",
"db": "BID",
"id": "80745",
"ident": null
},
{
"date": "2016-01-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001285",
"ident": null
},
{
"date": "2016-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-328",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-0855",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-328"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess Directory Traversal Vulnerability",
"sources": [
{
"db": "IVD",
"id": "64dacb3e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00431"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-328"
}
],
"trust": 1.4
},
"type": {
"_id": null,
"data": "Path traversal",
"sources": [
{
"db": "IVD",
"id": "64dacb3e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-328"
}
],
"trust": 0.8
}
}
VAR-201601-0039
Vulnerability from variot - Updated: 2025-04-13 23:03Multiple heap-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x11367 IOCTL in the BwpAlarm subsystem. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems. Advantech WebAccess is prone to following security vulnerabilities: 1. A denial-of-service vulnerability 2. An arbitrary file-upload vulnerability 3. A directory-traversal vulnerability 4. Multiple stack-based buffer-overflow vulnerabilities 5. Multiple buffer-overflow vulnerabilities 7. Multiple information disclosure vulnerabilities 8. A cross-site scripting vulnerability 9. An SQL-injection vulnerability 10. A cross-site request forgery vulnerability 11. This may aid in further attacks. Advantech WebAccess 8.0 and prior versions are vulnerable. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 5.6,
"vendor": "advantech",
"version": null
},
{
"_id": null,
"model": "webaccess",
"scope": "lt",
"trust": 1.4,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.0"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"_id": null,
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "7.2"
},
{
"_id": null,
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "64cfd42c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-065"
},
{
"db": "ZDI",
"id": "ZDI-16-121"
},
{
"db": "ZDI",
"id": "ZDI-16-066"
},
{
"db": "ZDI",
"id": "ZDI-16-119"
},
{
"db": "ZDI",
"id": "ZDI-16-107"
},
{
"db": "ZDI",
"id": "ZDI-16-064"
},
{
"db": "ZDI",
"id": "ZDI-16-067"
},
{
"db": "ZDI",
"id": "ZDI-16-068"
},
{
"db": "CNVD",
"id": "CNVD-2016-00435"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001287"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-330"
},
{
"db": "NVD",
"id": "CVE-2016-0857"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001287"
}
]
},
"credits": {
"_id": null,
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-065"
},
{
"db": "ZDI",
"id": "ZDI-16-121"
},
{
"db": "ZDI",
"id": "ZDI-16-066"
},
{
"db": "ZDI",
"id": "ZDI-16-119"
},
{
"db": "ZDI",
"id": "ZDI-16-107"
},
{
"db": "ZDI",
"id": "ZDI-16-064"
},
{
"db": "ZDI",
"id": "ZDI-16-067"
},
{
"db": "ZDI",
"id": "ZDI-16-068"
}
],
"trust": 5.6
},
"cve": "CVE-2016-0857",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0857",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 5.6,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-0857",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-00435",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "64cfd42c-2351-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-88367",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-0857",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2016-0857",
"trust": 5.6,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0857",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-0857",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-00435",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-330",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "64cfd42c-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-88367",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "64cfd42c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-065"
},
{
"db": "ZDI",
"id": "ZDI-16-121"
},
{
"db": "ZDI",
"id": "ZDI-16-066"
},
{
"db": "ZDI",
"id": "ZDI-16-119"
},
{
"db": "ZDI",
"id": "ZDI-16-107"
},
{
"db": "ZDI",
"id": "ZDI-16-064"
},
{
"db": "ZDI",
"id": "ZDI-16-067"
},
{
"db": "ZDI",
"id": "ZDI-16-068"
},
{
"db": "CNVD",
"id": "CNVD-2016-00435"
},
{
"db": "VULHUB",
"id": "VHN-88367"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001287"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-330"
},
{
"db": "NVD",
"id": "CVE-2016-0857"
}
]
},
"description": {
"_id": null,
"data": "Multiple heap-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x11367 IOCTL in the BwpAlarm subsystem. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems. Advantech WebAccess is prone to following security vulnerabilities:\n1. A denial-of-service vulnerability\n2. An arbitrary file-upload vulnerability\n3. A directory-traversal vulnerability\n4. Multiple stack-based buffer-overflow vulnerabilities\n5. Multiple buffer-overflow vulnerabilities\n7. Multiple information disclosure vulnerabilities\n8. A cross-site scripting vulnerability\n9. An SQL-injection vulnerability\n10. A cross-site request forgery vulnerability\n11. This may aid in further attacks. \nAdvantech WebAccess 8.0 and prior versions are vulnerable. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0857"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001287"
},
{
"db": "ZDI",
"id": "ZDI-16-065"
},
{
"db": "ZDI",
"id": "ZDI-16-121"
},
{
"db": "ZDI",
"id": "ZDI-16-066"
},
{
"db": "ZDI",
"id": "ZDI-16-119"
},
{
"db": "ZDI",
"id": "ZDI-16-107"
},
{
"db": "ZDI",
"id": "ZDI-16-064"
},
{
"db": "ZDI",
"id": "ZDI-16-067"
},
{
"db": "ZDI",
"id": "ZDI-16-068"
},
{
"db": "CNVD",
"id": "CNVD-2016-00435"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "IVD",
"id": "64cfd42c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-88367"
}
],
"trust": 7.74
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2016-0857",
"trust": 9.2
},
{
"db": "ICS CERT",
"id": "ICSA-16-014-01",
"trust": 2.8
},
{
"db": "ZDI",
"id": "ZDI-16-121",
"trust": 1.8
},
{
"db": "ZDI",
"id": "ZDI-16-119",
"trust": 1.8
},
{
"db": "ZDI",
"id": "ZDI-16-107",
"trust": 1.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-330",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2016-00435",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001287",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3236",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-065",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3178",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3235",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-066",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3180",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3194",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3237",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-064",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3234",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-067",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3233",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-068",
"trust": 0.7
},
{
"db": "BID",
"id": "80745",
"trust": 0.3
},
{
"db": "IVD",
"id": "64CFD42C-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-88367",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "64cfd42c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-065"
},
{
"db": "ZDI",
"id": "ZDI-16-121"
},
{
"db": "ZDI",
"id": "ZDI-16-066"
},
{
"db": "ZDI",
"id": "ZDI-16-119"
},
{
"db": "ZDI",
"id": "ZDI-16-107"
},
{
"db": "ZDI",
"id": "ZDI-16-064"
},
{
"db": "ZDI",
"id": "ZDI-16-067"
},
{
"db": "ZDI",
"id": "ZDI-16-068"
},
{
"db": "CNVD",
"id": "CNVD-2016-00435"
},
{
"db": "VULHUB",
"id": "VHN-88367"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001287"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-330"
},
{
"db": "NVD",
"id": "CVE-2016-0857"
}
]
},
"id": "VAR-201601-0039",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "64cfd42c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00435"
},
{
"db": "VULHUB",
"id": "VHN-88367"
}
],
"trust": 1.33470696
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "64cfd42c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00435"
}
]
},
"last_update_date": "2025-04-13T23:03:16.975000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 5.6,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01"
},
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Patch for Advantech WebAccess Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/70379"
},
{
"title": "Advantech WebAccess Fixes for heap-based buffer overflow vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59648"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-065"
},
{
"db": "ZDI",
"id": "ZDI-16-121"
},
{
"db": "ZDI",
"id": "ZDI-16-066"
},
{
"db": "ZDI",
"id": "ZDI-16-119"
},
{
"db": "ZDI",
"id": "ZDI-16-107"
},
{
"db": "ZDI",
"id": "ZDI-16-064"
},
{
"db": "ZDI",
"id": "ZDI-16-067"
},
{
"db": "ZDI",
"id": "ZDI-16-068"
},
{
"db": "CNVD",
"id": "CNVD-2016-00435"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001287"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-330"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88367"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001287"
},
{
"db": "NVD",
"id": "CVE-2016-0857"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 8.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-014-01"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0857"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-107"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-119"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-121"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0857"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-065"
},
{
"db": "ZDI",
"id": "ZDI-16-121"
},
{
"db": "ZDI",
"id": "ZDI-16-066"
},
{
"db": "ZDI",
"id": "ZDI-16-119"
},
{
"db": "ZDI",
"id": "ZDI-16-107"
},
{
"db": "ZDI",
"id": "ZDI-16-064"
},
{
"db": "ZDI",
"id": "ZDI-16-067"
},
{
"db": "ZDI",
"id": "ZDI-16-068"
},
{
"db": "CNVD",
"id": "CNVD-2016-00435"
},
{
"db": "VULHUB",
"id": "VHN-88367"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001287"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-330"
},
{
"db": "NVD",
"id": "CVE-2016-0857"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "64cfd42c-2351-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-065",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-121",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-066",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-119",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-107",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-064",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-067",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-068",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2016-00435",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-88367",
"ident": null
},
{
"db": "BID",
"id": "80745",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001287",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201601-330",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2016-0857",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2016-01-25T00:00:00",
"db": "IVD",
"id": "64cfd42c-2351-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-065",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-121",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-066",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-119",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-107",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-064",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-067",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-068",
"ident": null
},
{
"date": "2016-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00435",
"ident": null
},
{
"date": "2016-01-15T00:00:00",
"db": "VULHUB",
"id": "VHN-88367",
"ident": null
},
{
"date": "2016-01-14T00:00:00",
"db": "BID",
"id": "80745",
"ident": null
},
{
"date": "2016-01-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001287",
"ident": null
},
{
"date": "2016-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-330",
"ident": null
},
{
"date": "2016-01-15T03:59:19.313000",
"db": "NVD",
"id": "CVE-2016-0857",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-065",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-121",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-066",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-119",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-107",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-064",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-067",
"ident": null
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-068",
"ident": null
},
{
"date": "2016-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00435",
"ident": null
},
{
"date": "2016-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-88367",
"ident": null
},
{
"date": "2016-01-14T00:00:00",
"db": "BID",
"id": "80745",
"ident": null
},
{
"date": "2016-01-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001287",
"ident": null
},
{
"date": "2016-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-330",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-0857",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-330"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Advantech WebAccess webvrpcs Service BwpAlarm.dll strcpy Heap-Based Buffer Overflow Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-065"
},
{
"db": "ZDI",
"id": "ZDI-16-066"
},
{
"db": "ZDI",
"id": "ZDI-16-064"
},
{
"db": "ZDI",
"id": "ZDI-16-068"
}
],
"trust": 2.8
},
"type": {
"_id": null,
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "64cfd42c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-330"
}
],
"trust": 0.8
}
}
VAR-201601-0025
Vulnerability from variot - Updated: 2025-04-13 23:03Buffer overflow in the BwpAlarm subsystem in Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service via a crafted RPC request. This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x11173 IOCTL in the BwpAlarm subsystem. A globals overflow vulnerability exists in a call to strcpy using the ProjectName parameter. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system. WebAccess HMI/SCADA software provides remote control and management. Advantech WebAccess is prone to following security vulnerabilities: 1. A denial-of-service vulnerability 2. An arbitrary file-upload vulnerability 3. A directory-traversal vulnerability 4. Multiple stack-based buffer-overflow vulnerabilities 5. Multiple buffer-overflow vulnerabilities 7. Multiple information disclosure vulnerabilities 8. A cross-site scripting vulnerability 9. An SQL-injection vulnerability 10. A cross-site request forgery vulnerability 11. This may aid in further attacks. Advantech WebAccess 8.0 and prior versions are vulnerable. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0025",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess",
"scope": null,
"trust": 1.4,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "lt",
"trust": 1.4,
"vendor": "advantech",
"version": "8.1"
},
{
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "8.0"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "advantech",
"version": "8.0"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "7.2"
},
{
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "64d0ec90-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-074"
},
{
"db": "ZDI",
"id": "ZDI-16-058"
},
{
"db": "CNVD",
"id": "CNVD-2016-00389"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001290"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-333"
},
{
"db": "NVD",
"id": "CVE-2016-0860"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001290"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-074"
},
{
"db": "ZDI",
"id": "ZDI-16-058"
}
],
"trust": 1.4
},
"cve": "CVE-2016-0860",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-0860",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0860",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 1.4,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-00389",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "64d0ec90-2351-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-88370",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2016-0860",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2016-0860",
"trust": 1.4,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0860",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-0860",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-00389",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-333",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "64d0ec90-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-88370",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "64d0ec90-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-074"
},
{
"db": "ZDI",
"id": "ZDI-16-058"
},
{
"db": "CNVD",
"id": "CNVD-2016-00389"
},
{
"db": "VULHUB",
"id": "VHN-88370"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001290"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-333"
},
{
"db": "NVD",
"id": "CVE-2016-0860"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the BwpAlarm subsystem in Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service via a crafted RPC request. This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x11173 IOCTL in the BwpAlarm subsystem. A globals overflow vulnerability exists in a call to strcpy using the ProjectName parameter. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system. WebAccess HMI/SCADA software provides remote control and management. Advantech WebAccess is prone to following security vulnerabilities:\n1. A denial-of-service vulnerability\n2. An arbitrary file-upload vulnerability\n3. A directory-traversal vulnerability\n4. Multiple stack-based buffer-overflow vulnerabilities\n5. Multiple buffer-overflow vulnerabilities\n7. Multiple information disclosure vulnerabilities\n8. A cross-site scripting vulnerability\n9. An SQL-injection vulnerability\n10. A cross-site request forgery vulnerability\n11. This may aid in further attacks. \nAdvantech WebAccess 8.0 and prior versions are vulnerable. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0860"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001290"
},
{
"db": "ZDI",
"id": "ZDI-16-074"
},
{
"db": "ZDI",
"id": "ZDI-16-058"
},
{
"db": "CNVD",
"id": "CNVD-2016-00389"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "IVD",
"id": "64d0ec90-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-88370"
}
],
"trust": 3.96
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0860",
"trust": 5.0
},
{
"db": "ICS CERT",
"id": "ICSA-16-014-01",
"trust": 2.8
},
{
"db": "ZDI",
"id": "ZDI-16-074",
"trust": 1.8
},
{
"db": "ZDI",
"id": "ZDI-16-058",
"trust": 1.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-333",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2016-00389",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001290",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3227",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3243",
"trust": 0.7
},
{
"db": "BID",
"id": "80745",
"trust": 0.3
},
{
"db": "IVD",
"id": "64D0EC90-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-88370",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "64d0ec90-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-074"
},
{
"db": "ZDI",
"id": "ZDI-16-058"
},
{
"db": "CNVD",
"id": "CNVD-2016-00389"
},
{
"db": "VULHUB",
"id": "VHN-88370"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001290"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-333"
},
{
"db": "NVD",
"id": "CVE-2016-0860"
}
]
},
"id": "VAR-201601-0025",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "64d0ec90-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00389"
},
{
"db": "VULHUB",
"id": "VHN-88370"
}
],
"trust": 1.33470696
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "64d0ec90-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-00389"
}
]
},
"last_update_date": "2025-04-13T23:03:16.922000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 1.4,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01"
},
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Patch for Advantech WebAccess Buffer Overflow Vulnerability (CNVD-2016-00389)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/70313"
},
{
"title": "Advantech WebAccess BwpAlarm Subsystem buffer overflow vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59651"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-074"
},
{
"db": "ZDI",
"id": "ZDI-16-058"
},
{
"db": "CNVD",
"id": "CNVD-2016-00389"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001290"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-333"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88370"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001290"
},
{
"db": "NVD",
"id": "CVE-2016-0860"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-014-01"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0860"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-058"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-074"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0860"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-074"
},
{
"db": "ZDI",
"id": "ZDI-16-058"
},
{
"db": "CNVD",
"id": "CNVD-2016-00389"
},
{
"db": "VULHUB",
"id": "VHN-88370"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001290"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-333"
},
{
"db": "NVD",
"id": "CVE-2016-0860"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "64d0ec90-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-16-074"
},
{
"db": "ZDI",
"id": "ZDI-16-058"
},
{
"db": "CNVD",
"id": "CNVD-2016-00389"
},
{
"db": "VULHUB",
"id": "VHN-88370"
},
{
"db": "BID",
"id": "80745"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001290"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-333"
},
{
"db": "NVD",
"id": "CVE-2016-0860"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-21T00:00:00",
"db": "IVD",
"id": "64d0ec90-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-074"
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-058"
},
{
"date": "2016-01-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00389"
},
{
"date": "2016-01-15T00:00:00",
"db": "VULHUB",
"id": "VHN-88370"
},
{
"date": "2016-01-14T00:00:00",
"db": "BID",
"id": "80745"
},
{
"date": "2016-01-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001290"
},
{
"date": "2016-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-333"
},
{
"date": "2016-01-15T03:59:21.890000",
"db": "NVD",
"id": "CVE-2016-0860"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-074"
},
{
"date": "2016-02-05T00:00:00",
"db": "ZDI",
"id": "ZDI-16-058"
},
{
"date": "2016-01-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00389"
},
{
"date": "2016-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-88370"
},
{
"date": "2016-01-14T00:00:00",
"db": "BID",
"id": "80745"
},
{
"date": "2016-01-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001290"
},
{
"date": "2016-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-333"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-0860"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-333"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Advantech WebAccess of BwpAlarm Subsystem buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001290"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "64d0ec90-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-333"
}
],
"trust": 0.8
}
}
VAR-201509-0432
Vulnerability from variot - Updated: 2025-04-12 23:36Multiple stack-based buffer overflows in an unspecified DLL file in Advantech WebAccess before 8.0_20150816 allow remote attackers to execute arbitrary code via a crafted file that triggers long string arguments to functions. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech, China. A heap buffer overflow vulnerability exists in Advantech WebAccess. A local attacker could exploit the vulnerability to execute arbitrary code and may also cause a denial of service. Advantech WebAccess is prone to a local stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Failed exploit attempts will likely cause denial-of-service conditions. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201509-0432",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess",
"scope": "eq",
"trust": 1.6,
"vendor": "advantech",
"version": "8.0"
},
{
"model": "webaccess",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "8.0_20150816"
},
{
"model": "webaccess",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8"
},
{
"model": "webaccess 8.0 20150816",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "8.0"
}
],
"sources": [
{
"db": "IVD",
"id": "726d326e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-06219"
},
{
"db": "BID",
"id": "76753"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008132"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-257"
},
{
"db": "NVD",
"id": "CVE-2014-9202"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-008132"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ivan Sanchez from Nullcode Team",
"sources": [
{
"db": "BID",
"id": "76753"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-257"
}
],
"trust": 0.9
},
"cve": "CVE-2014-9202",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2014-9202",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2015-06219",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "726d326e-2351-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-77147",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-9202",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-9202",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-06219",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201509-257",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "726d326e-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-77147",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "726d326e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-06219"
},
{
"db": "VULHUB",
"id": "VHN-77147"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008132"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-257"
},
{
"db": "NVD",
"id": "CVE-2014-9202"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple stack-based buffer overflows in an unspecified DLL file in Advantech WebAccess before 8.0_20150816 allow remote attackers to execute arbitrary code via a crafted file that triggers long string arguments to functions. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech, China. A heap buffer overflow vulnerability exists in Advantech WebAccess. A local attacker could exploit the vulnerability to execute arbitrary code and may also cause a denial of service. Advantech WebAccess is prone to a local stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Failed exploit attempts will likely cause denial-of-service conditions. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9202"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008132"
},
{
"db": "CNVD",
"id": "CNVD-2015-06219"
},
{
"db": "BID",
"id": "76753"
},
{
"db": "IVD",
"id": "726d326e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-77147"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-9202",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-15-258-04",
"trust": 2.8
},
{
"db": "BID",
"id": "76753",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-201509-257",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2015-06219",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008132",
"trust": 0.8
},
{
"db": "IVD",
"id": "726D326E-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-77147",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "726d326e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-06219"
},
{
"db": "VULHUB",
"id": "VHN-77147"
},
{
"db": "BID",
"id": "76753"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008132"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-257"
},
{
"db": "NVD",
"id": "CVE-2014-9202"
}
]
},
"id": "VAR-201509-0432",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "726d326e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-06219"
},
{
"db": "VULHUB",
"id": "VHN-77147"
}
],
"trust": 1.33470696
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "726d326e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-06219"
}
]
},
"last_update_date": "2025-04-12T23:36:55.099000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www2.advantech.co.jp/products/gf-1m94v/advantech-webaccess/mod_b975c492-56b3-4eba-8bbb-5b6d3483ee9d.aspx"
},
{
"title": "Patch for Advantech WebAccess heap buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/64469"
},
{
"title": "Advantech WebAccess Fixes for heap-based buffer overflow vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=57755"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06219"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008132"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-257"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77147"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008132"
},
{
"db": "NVD",
"id": "CVE-2014-9202"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-258-04"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/76753"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9202"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9202"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06219"
},
{
"db": "VULHUB",
"id": "VHN-77147"
},
{
"db": "BID",
"id": "76753"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008132"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-257"
},
{
"db": "NVD",
"id": "CVE-2014-9202"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "726d326e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-06219"
},
{
"db": "VULHUB",
"id": "VHN-77147"
},
{
"db": "BID",
"id": "76753"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008132"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-257"
},
{
"db": "NVD",
"id": "CVE-2014-9202"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-25T00:00:00",
"db": "IVD",
"id": "726d326e-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2015-09-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-06219"
},
{
"date": "2015-09-28T00:00:00",
"db": "VULHUB",
"id": "VHN-77147"
},
{
"date": "2015-09-15T00:00:00",
"db": "BID",
"id": "76753"
},
{
"date": "2015-09-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-008132"
},
{
"date": "2015-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-257"
},
{
"date": "2015-09-28T02:59:00.107000",
"db": "NVD",
"id": "CVE-2014-9202"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-06219"
},
{
"date": "2015-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-77147"
},
{
"date": "2015-09-15T00:00:00",
"db": "BID",
"id": "76753"
},
{
"date": "2015-09-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-008132"
},
{
"date": "2015-09-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-257"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-9202"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "76753"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-257"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Advantech WebAccess Heap Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "726d326e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-06219"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "726d326e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-257"
}
],
"trust": 0.8
}
}