VAR-201903-1778
Vulnerability from variot - Updated: 2022-05-17 02:04This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within tv_enua.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of Administrator.
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "webaccess",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-293"
}
]
},
"credits": {
"_id": null,
"data": "Mat Powell of Trend Micro Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-293"
}
],
"trust": 0.7
},
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "ZDI-19-293",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "ZDI-19-293",
"trust": 0.7,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-293"
}
]
},
"description": {
"_id": null,
"data": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within tv_enua.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of Administrator.",
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-293"
}
],
"trust": 0.7
},
"external_ids": {
"_id": null,
"data": [
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7909",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-293",
"trust": 0.7
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-293"
}
]
},
"id": "VAR-201903-1778",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.41739574
},
"last_update_date": "2022-05-17T02:04:28.979000Z",
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-19-293",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2019-03-28T00:00:00",
"db": "ZDI",
"id": "ZDI-19-293",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2019-03-28T00:00:00",
"db": "ZDI",
"id": "ZDI-19-293",
"ident": null
}
]
},
"title": {
"_id": null,
"data": "Advantech WebAccess Node tv_enua Improper Access Control Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-293"
}
],
"trust": 0.7
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…