
    109 vulnerabilities by WebAccess

    VAR-201810-0396

    Vulnerability from variot - Updated: 2024-07-23 22:37

    Advantech WebAccess 8.3.1 and earlier contains several stack-based buffer overflow vulnerabilities, which may allow an attacker to execute arbitrary code. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwclient.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess software is the core of Advantech's IoT application platform solution, providing users with a user interface based on HTML5 technology for a cross-platform, cross-browser data access experience. A stack buffer overflow vulnerability exists in Advantech WebAccess. Advantech WebAccess is prone to the following security vulnerabilities: 1. A directory-traversal vulnerability 3. An arbitrary-file-deletion vulnerability 4. This may aid in further attacks. Advantech WebAccess 8.3.1 and prior versions are vulnerable.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0396",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess node",
            "scope": null,
            "trust": 9.1,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "8.3.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "advantech",
            "version": "8.3.1"
          },
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "\u003c=8.3.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.3"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.2"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8"
          },
          {
            "model": "webaccess",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.3.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1311"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1312"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1308"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1310"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1314"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1307"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1300"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1302"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1298"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1313"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1304"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1309"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1306"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21935"
          },
          {
            "db": "BID",
            "id": "105728"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1188"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14816"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.3.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-14816"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mat Powell of Trend Micro Zero Day Initiative",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1311"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1312"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1308"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1310"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1314"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1307"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1300"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1302"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1298"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1313"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1304"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1309"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1306"
          },
          {
            "db": "BID",
            "id": "105728"
          }
        ],
        "trust": 9.4
      },
      "cve": "CVE-2018-14816",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2018-14816",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "HIGH",
                "trust": 9.1,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-21935",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "ZDI",
                "id": "CVE-2018-14816",
                "trust": 9.1,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-14816",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-21935",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201810-1188",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1",
                "trust": 0.2,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1311"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1312"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1308"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1310"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1314"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1307"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1300"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1302"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1298"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1313"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1304"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1309"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1306"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21935"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1188"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14816"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabilities that have been identified, which may allow an attacker to execute arbitrary code. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwclient.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech (Advantech) WebAccess software is the core of Advantech\u0027s IoT application platform solution, providing users with a user interface based on HTML5 technology to achieve cross-platform and cross-browser data access experience. A stack buffer overflow vulnerability exists in Advantech WebAccess. Advantech WebAccess is prone to the following security vulnerabilities:\n1. A directory-traversal vulnerability\n3. An arbitrary-file-deletion vulnerability\n4. This may aid in further attacks. \nAdvantech WebAccess 8.3.1 and prior versions are vulnerable",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-14816"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1311"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1306"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1309"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1304"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1313"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1298"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1302"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1300"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1307"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1314"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1310"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1308"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1312"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21935"
          },
          {
            "db": "BID",
            "id": "105728"
          },
          {
            "db": "IVD",
            "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
          }
        ],
        "trust": 10.08
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-14816",
            "trust": 11.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-296-01",
            "trust": 2.5
          },
          {
            "db": "BID",
            "id": "105728",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1041939",
            "trust": 1.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21935",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1188",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-6299",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1311",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-6300",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1312",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-6296",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1308",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-6298",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1310",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-6302",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1314",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-6295",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1307",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-6287",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1300",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-6289",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1302",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-6285",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1298",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-6301",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1313",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-6292",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1304",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-6297",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1309",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-6294",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1306",
            "trust": 0.7
          },
          {
            "db": "IVD",
            "id": "E2FEEFE1-39AB-11E9-8E28-000C29342CB1",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1311"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1312"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1308"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1310"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1314"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1307"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1300"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1302"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1298"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1313"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1304"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1309"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1306"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21935"
          },
          {
            "db": "BID",
            "id": "105728"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1188"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14816"
          }
        ]
      },
      "id": "VAR-201810-0396",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21935"
          }
        ],
        "trust": 1.33891657
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21935"
          }
        ]
      },
      "last_update_date": "2024-07-23T22:37:44.850000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 9.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-296-01"
          },
          {
            "title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability (CNVD-2018-21935)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/143393"
          },
          {
            "title": "Advantech WebAccess Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=86280"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1311"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1312"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1308"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1310"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1314"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1307"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1300"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1302"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1298"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1313"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1304"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1309"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1306"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21935"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1188"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-14816"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 10.6,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-296-01"
          },
          {
            "trust": 1.6,
            "url": "http://www.securityfocus.com/bid/105728"
          },
          {
            "trust": 1.6,
            "url": "http://www.securitytracker.com/id/1041939"
          },
          {
            "trust": 1.0,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-296-01%2c"
          },
          {
            "trust": 0.3,
            "url": "http://webaccess.advantech.com"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1311"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1312"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1308"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1310"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1314"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1307"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1300"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1302"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1298"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1313"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1304"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1309"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1306"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21935"
          },
          {
            "db": "BID",
            "id": "105728"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1188"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14816"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1311"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1312"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1308"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1310"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1314"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1307"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1300"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1302"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1298"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1313"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1304"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1309"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1306"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21935"
          },
          {
            "db": "BID",
            "id": "105728"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1188"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14816"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-10-28T00:00:00",
            "db": "IVD",
            "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1311"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1312"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1308"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1310"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1314"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1307"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1300"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1302"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1298"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1313"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1304"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1309"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1306"
          },
          {
            "date": "2018-10-28T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-21935"
          },
          {
            "date": "2018-10-23T00:00:00",
            "db": "BID",
            "id": "105728"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-1188"
          },
          {
            "date": "2018-10-23T20:29:00.530000",
            "db": "NVD",
            "id": "CVE-2018-14816"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1311"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1312"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1308"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1310"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1314"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1307"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1300"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1302"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1298"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1313"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1304"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1309"
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1306"
          },
          {
            "date": "2018-10-28T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-21935"
          },
          {
            "date": "2018-10-23T00:00:00",
            "db": "BID",
            "id": "105728"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-1188"
          },
          {
            "date": "2023-11-07T02:53:02.097000",
            "db": "NVD",
            "id": "CVE-2018-14816"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1188"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess Client bwwebv Stack-based Buffer Overflow Remote Code Execution Vulnerability",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1312"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1304"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "e2feefe1-39ab-11e9-8e28-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1188"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201801-0152

    Vulnerability from variot - Updated: 2024-07-23 22:28

    An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple vulnerabilities that may allow an attacker to cause the program to use an invalid memory address, resulting in a program crash. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x27eb IOCTL in the webvrpcs process. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A denial of service vulnerability exists in versions prior to Advantech WebAccess 8.3. (This summary merges text from several source databases, which appears to be why it describes the impact both as a crash/denial of service and as arbitrary code execution; the per-source CVSS entries in the record below differ in the same way, so triage against the highest-impact rating.)


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201801-0152",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": null,
            "trust": 10.5,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "advantech",
            "version": "8.3"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "7.2"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-035"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-012"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-020"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-038"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-039"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-031"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-059"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-018"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-019"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-017"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-014"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-036"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-016"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-029"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-034"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00673"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-241"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16728"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-16728"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Steven Seeley (mr_me) of Offensive Security",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-035"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-012"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-020"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-038"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-039"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-031"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-059"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-018"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-019"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-017"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-014"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-036"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-016"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-029"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-034"
          }
        ],
        "trust": 10.5
      },
      "cve": "CVE-2017-16728",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-16728",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "MEDIUM",
                "trust": 9.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": true,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-16728",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "HIGH",
                "trust": 0.7,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-00673",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "ZDI",
                "id": "CVE-2017-16728",
                "trust": 9.8,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-16728",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ZDI",
                "id": "CVE-2017-16728",
                "trust": 0.7,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-00673",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201801-241",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1",
                "trust": 0.2,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-035"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-012"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-020"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-038"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-039"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-031"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-059"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-018"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-019"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-017"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-014"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-036"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-016"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-029"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-034"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00673"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-241"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16728"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple vulnerabilities that may allow an attacker to cause the program to use an invalid memory address, resulting in a program crash. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x27eb IOCTL in the webvrpcs process. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A denial of service vulnerability exists in versions prior to Advantech WebAccess 8.3",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-16728"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-035"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-034"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-029"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-016"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-036"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-014"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-017"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-019"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-018"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-059"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-031"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-039"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-038"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-020"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-012"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00673"
          },
          {
            "db": "IVD",
            "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
          }
        ],
        "trust": 11.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-16728",
            "trust": 12.9
          },
          {
            "db": "BID",
            "id": "102424",
            "trust": 2.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-004-02",
            "trust": 1.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00673",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-241",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5003",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-035",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-4959",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-012",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-4973",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-020",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5006",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-038",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5007",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-039",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-4999",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-031",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5062",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-059",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-4965",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-018",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-4966",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-019",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-4964",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-017",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-4961",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-014",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5004",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-036",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-4963",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-016",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-4997",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-029",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5002",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-034",
            "trust": 0.7
          },
          {
            "db": "IVD",
            "id": "E2E1079E-39AB-11E9-9B2B-000C29342CB1",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-035"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-012"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-020"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-038"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-039"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-031"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-059"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-018"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-019"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-017"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-014"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-036"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-016"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-029"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-034"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00673"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-241"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16728"
          }
        ]
      },
      "id": "VAR-201801-0152",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00673"
          }
        ],
        "trust": 1.23267184
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00673"
          }
        ]
      },
      "last_update_date": "2024-07-23T22:28:30.754000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 10.5,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-004-02"
          },
          {
            "title": "Patch for Advantech WebAccess Denial of Service Vulnerability (CNVD-2018-00673)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/113125"
          },
          {
            "title": "Advantech WebAccess Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77552"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-035"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-012"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-020"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-038"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-039"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-031"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-059"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-018"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-019"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-017"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-014"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-036"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-016"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-029"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-034"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00673"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-241"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-476",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-16728"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 12.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-004-02"
          },
          {
            "trust": 2.2,
            "url": "http://www.securityfocus.com/bid/102424"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-035"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-012"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-020"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-038"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-039"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-031"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-059"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-018"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-019"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-017"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-014"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-036"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-016"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-029"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-034"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00673"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-241"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16728"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-035"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-012"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-020"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-038"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-039"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-031"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-059"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-018"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-019"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-017"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-014"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-036"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-016"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-029"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-034"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00673"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-241"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16728"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-01-10T00:00:00",
            "db": "IVD",
            "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-035"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-012"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-020"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-038"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-039"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-031"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-059"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-018"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-019"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-017"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-014"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-036"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-016"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-029"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-034"
          },
          {
            "date": "2018-01-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-00673"
          },
          {
            "date": "2018-01-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201801-241"
          },
          {
            "date": "2018-01-05T08:29:00.393000",
            "db": "NVD",
            "id": "CVE-2017-16728"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-035"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-012"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-020"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-038"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-039"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-031"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-059"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-018"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-019"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-017"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-014"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-036"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-016"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-029"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-034"
          },
          {
            "date": "2018-01-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-00673"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201801-241"
          },
          {
            "date": "2019-10-09T23:25:15.270000",
            "db": "NVD",
            "id": "CVE-2017-16728"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-241"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess webvrpcs drawsrv SQLSetParam Untrusted Pointer Dereference Remote Code Execution Vulnerability",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-035"
          }
        ],
        "trust": 0.7
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Code problem",
        "sources": [
          {
            "db": "IVD",
            "id": "e2e1079e-39ab-11e9-9b2b-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-241"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201801-0151

    Vulnerability from variot - Updated: 2024-07-23 22:28

    A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple instances of a vulnerability that allows too much data to be written to a location on the stack. Advantech WebAccess contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the command line in the bwprtscr utility. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201801-0151",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": null,
            "trust": 9.1,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "lt",
            "trust": 2.4,
            "vendor": "advantech",
            "version": "8.3"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "7.2"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-044"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-050"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-053"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-061"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-025"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-042"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-048"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-060"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-052"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-049"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-041"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-051"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-046"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011795"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-242"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16724"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-16724"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Steven Seeley (mr_me) of Offensive Security",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-044"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-050"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-053"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-061"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-025"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-042"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-048"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-060"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-052"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-049"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-041"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-051"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-046"
          }
        ],
        "trust": 9.1
      },
      "cve": "CVE-2017-16724",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-16724",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "HIGH",
                "trust": 8.4,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": true,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2017-16724",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-16724",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "MEDIUM",
                "trust": 0.7,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2018-00671",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-16724",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "ZDI",
                "id": "CVE-2017-16724",
                "trust": 8.4,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-16724",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "ZDI",
                "id": "CVE-2017-16724",
                "trust": 0.7,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-00671",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201801-242",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1",
                "trust": 0.2,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-044"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-050"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-053"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-061"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-025"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-042"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-048"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-060"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-052"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-049"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-041"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-051"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-046"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011795"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-242"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16724"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple instances of a vulnerability that allows too much data to be written to a location on the stack. Advantech WebAccess Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability.The specific flaw exists within the parsing of the command line in the bwprtscr utility. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-16724"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011795"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-044"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-046"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-051"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-041"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-049"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-052"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-060"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-048"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-042"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-025"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-061"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-053"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-050"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00671"
          },
          {
            "db": "IVD",
            "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
          }
        ],
        "trust": 10.53
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-16724",
            "trust": 12.3
          },
          {
            "db": "BID",
            "id": "102424",
            "trust": 2.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-004-02",
            "trust": 1.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00671",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-242",
            "trust": 0.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-004-02A",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011795",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5045",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-044",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5052",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-050",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5054",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-053",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5064",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-061",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-4993",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-025",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5043",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-042",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5049",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-048",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5063",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-060",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5053",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-052",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5050",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-049",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5042",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-041",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5051",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-051",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5047",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-046",
            "trust": 0.7
          },
          {
            "db": "IVD",
            "id": "E2E0E08F-39AB-11E9-B1D1-000C29342CB1",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-044"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-050"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-053"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-061"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-025"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-042"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-048"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-060"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-052"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-049"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-041"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-051"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-046"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011795"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-242"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16724"
          }
        ]
      },
      "id": "VAR-201801-0151",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00671"
          }
        ],
        "trust": 1.23267184
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00671"
          }
        ]
      },
      "last_update_date": "2024-07-23T22:28:30.640000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 9.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-004-02"
          },
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "http://www.advantech.com/industrial-automation/webaccess"
          },
          {
            "title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability (CNVD-2018-00671)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/113123"
          },
          {
            "title": "Advantech WebAccess Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77553"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-044"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-050"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-053"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-061"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-025"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-042"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-048"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-060"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-052"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-049"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-041"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-051"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-046"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011795"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-242"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011795"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16724"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 10.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-004-02"
          },
          {
            "trust": 2.2,
            "url": "http://www.securityfocus.com/bid/102424"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-16724"
          },
          {
            "trust": 0.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-004-02a"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-16724"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-044"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-050"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-053"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-061"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-025"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-042"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-048"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-060"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-052"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-049"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-041"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-051"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-046"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011795"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-242"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16724"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-044"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-050"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-053"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-061"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-025"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-042"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-048"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-060"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-052"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-049"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-041"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-051"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-046"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011795"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-242"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16724"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-01-10T00:00:00",
            "db": "IVD",
            "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-044"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-050"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-053"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-061"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-025"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-042"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-048"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-060"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-052"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-049"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-041"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-051"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-046"
          },
          {
            "date": "2018-01-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-00671"
          },
          {
            "date": "2018-01-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-011795"
          },
          {
            "date": "2018-01-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201801-242"
          },
          {
            "date": "2018-01-05T08:29:00.347000",
            "db": "NVD",
            "id": "CVE-2017-16724"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-044"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-050"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-053"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-061"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-025"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-042"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-048"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-060"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-052"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-049"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-041"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-051"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-046"
          },
          {
            "date": "2018-01-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-00671"
          },
          {
            "date": "2018-01-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-011795"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201801-242"
          },
          {
            "date": "2019-10-09T23:25:14.830000",
            "db": "NVD",
            "id": "CVE-2017-16724"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-242"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011795"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-242"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "e2e0e08f-39ab-11e9-b1d1-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-242"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201906-1029

    Vulnerability from variot - Updated: 2024-07-23 22:28

    In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code. WebAccess/SCADA contains a vulnerability related to NULL pointer dereference. Information may be obtained or altered, and service operation may be disrupted (DoS). Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2776 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following security vulnerabilities: 1. A directory-traversal vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. Multiple heap-based buffer-overflow vulnerabilities 4. An information disclosure vulnerability 5. Multiple remote-code execution vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences ('../') to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks. Advantech WebAccess/SCADA Versions 8.3.5 and prior are vulnerable. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products.


    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "webaccess",
            "scope": null,
            "trust": 8.4,
            "vendor": "advantech",
            "version": null
          },
          {
            "_id": null,
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "advantech",
            "version": "8.3.5"
          },
          {
            "_id": null,
            "model": "webaccess/scada",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "\u003c=8.3.5"
          },
          {
            "_id": null,
            "model": "webaccess/scada",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.3.5"
          },
          {
            "_id": null,
            "model": "webaccess/scada",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.3.4"
          },
          {
            "_id": null,
            "model": "webaccess/scada",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.3.2"
          },
          {
            "_id": null,
            "model": "webaccess/scada",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.3"
          },
          {
            "_id": null,
            "model": "webaccess/scada",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "webaccess/scada",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "webaccess/scada",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "webaccess/scada",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.4.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-599"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-613"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-610"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-616"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-606"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-595"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-598"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-605"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-596"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-615"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-608"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-618"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32473"
          },
          {
            "db": "BID",
            "id": "108923"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005812"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10993"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.3.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10993"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Natnael Samson (@NattiSamson)",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-19-599"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-613"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-610"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-616"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-606"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-595"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-598"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-605"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-596"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-615"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-608"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-618"
          }
        ],
        "trust": 8.4
      },
      "cve": "CVE-2019-10993",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2019-10993",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-32473",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-142595",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-10993",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 8.4,
                "userInteraction": "NONE",
                "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-10993",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "ZDI",
                "id": "CVE-2019-10993",
                "trust": 8.4,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-10993",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-32473",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201906-1077",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-142595",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-599"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-613"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-610"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-616"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-606"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-595"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-598"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-605"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-596"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-615"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-608"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-618"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32473"
          },
          {
            "db": "VULHUB",
            "id": "VHN-142595"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005812"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-1077"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10993"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code. WebAccess/SCADA contains a vulnerability related to NULL pointer dereference. Information may be obtained or altered, and service operation may be disrupted (DoS). Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2776 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following security vulnerabilities:\n1. A directory-traversal vulnerability\n2. Multiple stack-based buffer-overflow vulnerabilities\n3. Multiple heap-based buffer-overflow vulnerabilities\n4. An information disclosure vulnerability\n5. Multiple remote-code execution vulnerabilities\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences ('../') to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks. \nAdvantech WebAccess/SCADA Versions 8.3.5 and prior are vulnerable. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products.",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10993"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005812"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-605"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-618"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-608"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-615"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-599"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-596"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-598"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-595"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-606"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-616"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-610"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-613"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32473"
          },
          {
            "db": "BID",
            "id": "108923"
          },
          {
            "db": "IVD",
            "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
          },
          {
            "db": "VULHUB",
            "id": "VHN-142595"
          }
        ],
        "trust": 10.26
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-10993",
            "trust": 12.0
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-19-178-05",
            "trust": 2.8
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-613",
            "trust": 2.4
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-616",
            "trust": 2.4
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-606",
            "trust": 2.4
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-598",
            "trust": 2.4
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-605",
            "trust": 2.4
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-615",
            "trust": 2.4
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-618",
            "trust": 2.4
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-612",
            "trust": 1.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-611",
            "trust": 1.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-602",
            "trust": 1.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-607",
            "trust": 1.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-614",
            "trust": 1.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-597",
            "trust": 1.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-617",
            "trust": 1.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-603",
            "trust": 1.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-601",
            "trust": 1.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-623",
            "trust": 1.7
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-1077",
            "trust": 0.9
          },
          {
            "db": "BID",
            "id": "108923",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32473",
            "trust": 0.8
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-599",
            "trust": 0.8
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-610",
            "trust": 0.8
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-595",
            "trust": 0.8
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-596",
            "trust": 0.8
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-608",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005812",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-8129",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-8146",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-8143",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-8150",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-8139",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-8118",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-8128",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-8138",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-8126",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-8148",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-8141",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-8152",
            "trust": 0.7
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.2350",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "D5DCD84F-1ACA-4DC3-AC16-D5C7C3DD4D07",
            "trust": 0.2
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-604",
            "trust": 0.1
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-593",
            "trust": 0.1
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-609",
            "trust": 0.1
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-600",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-142595",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-599"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-613"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-610"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-616"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-606"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-595"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-598"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-605"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-596"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-615"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-608"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-618"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32473"
          },
          {
            "db": "VULHUB",
            "id": "VHN-142595"
          },
          {
            "db": "BID",
            "id": "108923"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005812"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-1077"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10993"
          }
        ]
      },
      "id": "VAR-201906-1029",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32473"
          },
          {
            "db": "VULHUB",
            "id": "VHN-142595"
          }
        ],
        "trust": 1.44565702
      },
      "iot_taxonomy": {
        "_id": null,
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32473"
          }
        ]
      },
      "last_update_date": "2024-07-23T22:28:26.009000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 8.4,
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
          },
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "https://www.advantech.co.jp/industrial-automation/webaccess"
          },
          {
            "title": "Patch for Advantech WebAccess/SCADA arbitrary code execution vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/181487"
          },
          {
            "title": "Advantech WebAccess/SCADA Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=94180"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-19-599"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-613"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-610"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-616"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-606"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-595"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-598"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-605"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-596"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-615"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-608"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-618"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32473"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005812"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-1077"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-476",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-142595"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005812"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10993"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 11.2,
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
          },
          {
            "trust": 2.3,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-623/"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10993"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-597/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-598/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-601/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-602/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-603/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-605/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-606/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-607/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-611/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-612/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-613/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-614/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-615/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-616/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-617/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-618/"
          },
          {
            "trust": 0.9,
            "url": "http://webaccess.advantech.com"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10993"
          },
          {
            "trust": 0.6,
            "url": "https://www.securityfocus.com/bid/108923"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.2350/"
          },
          {
            "trust": 0.1,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-593/"
          },
          {
            "trust": 0.1,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-595/"
          },
          {
            "trust": 0.1,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-596/"
          },
          {
            "trust": 0.1,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-599/"
          },
          {
            "trust": 0.1,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-600/"
          },
          {
            "trust": 0.1,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-604/"
          },
          {
            "trust": 0.1,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-608/"
          },
          {
            "trust": 0.1,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-609/"
          },
          {
            "trust": 0.1,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-610/"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-19-599"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-613"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-610"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-616"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-606"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-595"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-598"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-605"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-596"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-615"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-608"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-618"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32473"
          },
          {
            "db": "VULHUB",
            "id": "VHN-142595"
          },
          {
            "db": "BID",
            "id": "108923"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005812"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-1077"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10993"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "IVD",
            "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-599",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-613",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-610",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-616",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-606",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-595",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-598",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-605",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-596",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-615",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-608",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-618",
            "ident": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32473",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-142595",
            "ident": null
          },
          {
            "db": "BID",
            "id": "108923",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005812",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-1077",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10993",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2019-09-21T00:00:00",
            "db": "IVD",
            "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-599",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-613",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-610",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-616",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-606",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-595",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-598",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-605",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-596",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-615",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-608",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-618",
            "ident": null
          },
          {
            "date": "2019-09-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-32473",
            "ident": null
          },
          {
            "date": "2019-06-28T00:00:00",
            "db": "VULHUB",
            "id": "VHN-142595",
            "ident": null
          },
          {
            "date": "2019-06-27T00:00:00",
            "db": "BID",
            "id": "108923",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-005812",
            "ident": null
          },
          {
            "date": "2019-06-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201906-1077",
            "ident": null
          },
          {
            "date": "2019-06-28T21:15:11.353000",
            "db": "NVD",
            "id": "CVE-2019-10993",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-599",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-613",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-610",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-616",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-606",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-595",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-598",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-605",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-596",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-615",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-608",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-618",
            "ident": null
          },
          {
            "date": "2019-09-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-32473",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "VULHUB",
            "id": "VHN-142595",
            "ident": null
          },
          {
            "date": "2019-06-27T00:00:00",
            "db": "BID",
            "id": "108923",
            "ident": null
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-005812",
            "ident": null
          },
          {
            "date": "2022-04-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201906-1077",
            "ident": null
          },
          {
            "date": "2022-04-18T17:17:47.753000",
            "db": "NVD",
            "id": "CVE-2019-10993",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-1077"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Advantech WebAccess/SCADA Arbitrary code execution vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32473"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-1077"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201805-1143

    Vulnerability from variot - Updated: 2024-07-23 22:25

    In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several stack-based buffer overflow vulnerabilities have been identified, which may allow an attacker to execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwsound.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A stack buffer overflow vulnerability exists in several Advantech products. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, modify data, exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application, gain unauthorized access, and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier


    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "webaccess node",
            "scope": null,
            "trust": 9.1,
            "vendor": "advantech",
            "version": null
          },
          {
            "_id": null,
            "model": "webaccess dashboard",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "2.0.15"
          },
          {
            "_id": null,
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "8.3.0"
          },
          {
            "_id": null,
            "model": "webaccess scada",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "8.3.1"
          },
          {
            "_id": null,
            "model": "webaccess\\/nms",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "8.2_20170817"
          },
          {
            "_id": null,
            "model": "webaccess dashboard",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "advantech",
            "version": "2.0.15"
          },
          {
            "_id": null,
            "model": "webaccess \u003c=8.2 20170817",
            "scope": null,
            "trust": 0.6,
            "vendor": "advantech",
            "version": null
          },
          {
            "_id": null,
            "model": "webaccess",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "\u003c=8.3.0"
          },
          {
            "_id": null,
            "model": "webaccess dashboard",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "\u003c=2.0.15"
          },
          {
            "_id": null,
            "model": "webaccess scada node",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.3.1"
          },
          {
            "_id": null,
            "model": "webaccess/nms",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "\u003c=2.0.3"
          },
          {
            "_id": null,
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.3.0"
          },
          {
            "_id": null,
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.2_20170817"
          },
          {
            "_id": null,
            "model": "webaccess\\/nms",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "webaccess",
            "version": "*"
          },
          {
            "_id": null,
            "model": "webaccess/nms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "webaccess/nms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "webaccess scada node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.3"
          },
          {
            "_id": null,
            "model": "webaccess dashboard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.3"
          },
          {
            "_id": null,
            "model": "webaccess 8.2 20170817",
            "scope": null,
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "_id": null,
            "model": "webaccess 8.2 20170330",
            "scope": null,
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "_id": null,
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "webaccess 8.1 20160519",
            "scope": null,
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "_id": null,
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "webaccess 8.0 20150816",
            "scope": null,
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "_id": null,
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8"
          },
          {
            "_id": null,
            "model": "webaccess",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.3.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess dashboard",
            "version": "*"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess scada",
            "version": "*"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess nms",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-516"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-519"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-523"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-525"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-507"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-497"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-514"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-520"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-504"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-510"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-517"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-524"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-490"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10713"
          },
          {
            "db": "BID",
            "id": "104190"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201805-446"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7499"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.2_20170817",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.3.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess_dashboard:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.0.15",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess_scada:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.3.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess\\/nms:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.0.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7499"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Mat Powell - Trend Micro Zero Day Initiative",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-516"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-519"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-523"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-525"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-507"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-514"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-520"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-504"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-510"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-517"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-524"
          }
        ],
        "trust": 7.7
      },
      "cve": "CVE-2018-7499",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2018-7499",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "HIGH",
                "trust": 9.1,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-10713",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-137531",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "ZDI",
                "id": "CVE-2018-7499",
                "trust": 9.1,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-7499",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-10713",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201805-446",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-137531",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-516"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-519"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-523"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-525"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-507"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-497"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-514"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-520"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-504"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-510"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-517"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-524"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-490"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10713"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137531"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201805-446"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7499"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several stack-based buffer overflow vulnerabilities have been identified, which may allow an attacker to execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwsound.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A stack buffer overflow vulnerability exists in several Advantech products. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7499"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-520"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-490"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-524"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-517"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-510"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-516"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-504"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-514"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-497"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-507"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-525"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-523"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10713"
          },
          {
            "db": "BID",
            "id": "104190"
          },
          {
            "db": "IVD",
            "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137531"
          }
        ],
        "trust": 10.17
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-7499",
            "trust": 11.9
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-135-01",
            "trust": 2.6
          },
          {
            "db": "BID",
            "id": "104190",
            "trust": 2.0
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10713",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201805-446",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5691",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-516",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5694",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-519",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5698",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-523",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5700",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-525",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5682",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-507",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5662",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-497",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5689",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-514",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5695",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-520",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5679",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-504",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5685",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-510",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5692",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-517",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5699",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-524",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5654",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-490",
            "trust": 0.7
          },
          {
            "db": "IVD",
            "id": "E2F10D30-39AB-11E9-AE57-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-137531",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-516"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-519"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-523"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-525"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-507"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-497"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-514"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-520"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-504"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-510"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-517"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-524"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-490"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10713"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137531"
          },
          {
            "db": "BID",
            "id": "104190"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201805-446"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7499"
          }
        ]
      },
      "id": "VAR-201805-1143",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10713"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137531"
          }
        ],
        "trust": 1.5154899175
      },
      "iot_taxonomy": {
        "_id": null,
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10713"
          }
        ]
      },
      "last_update_date": "2024-07-23T22:25:33.635000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 9.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
          },
          {
            "title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability (CNVD-2018-10713)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/130743"
          },
          {
            "title": "Multiple Advantech Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=80056"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-516"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-519"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-523"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-525"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-507"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-497"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-514"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-520"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-504"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-510"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-517"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-524"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-490"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10713"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201805-446"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-119",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137531"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7499"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 11.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/104190"
          },
          {
            "trust": 0.3,
            "url": "http://webaccess.advantech.com"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-516"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-519"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-523"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-525"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-507"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-497"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-514"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-520"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-504"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-510"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-517"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-524"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-490"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10713"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137531"
          },
          {
            "db": "BID",
            "id": "104190"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201805-446"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7499"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "IVD",
            "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-516",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-519",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-523",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-525",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-507",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-497",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-514",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-520",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-504",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-510",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-517",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-524",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-490",
            "ident": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10713",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-137531",
            "ident": null
          },
          {
            "db": "BID",
            "id": "104190",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201805-446",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7499",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-05-31T00:00:00",
            "db": "IVD",
            "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-516",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-519",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-523",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-525",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-507",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-497",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-514",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-520",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-504",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-510",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-517",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-524",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-490",
            "ident": null
          },
          {
            "date": "2018-05-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-10713",
            "ident": null
          },
          {
            "date": "2018-05-15T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137531",
            "ident": null
          },
          {
            "date": "2018-05-15T00:00:00",
            "db": "BID",
            "id": "104190",
            "ident": null
          },
          {
            "date": "2018-05-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201805-446",
            "ident": null
          },
          {
            "date": "2018-05-15T22:29:00.503000",
            "db": "NVD",
            "id": "CVE-2018-7499",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-516",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-519",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-523",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-525",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-507",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-497",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-514",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-520",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-504",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-510",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-517",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-524",
            "ident": null
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-490",
            "ident": null
          },
          {
            "date": "2018-05-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-10713",
            "ident": null
          },
          {
            "date": "2020-10-02T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137531",
            "ident": null
          },
          {
            "date": "2018-05-15T00:00:00",
            "db": "BID",
            "id": "104190",
            "ident": null
          },
          {
            "date": "2020-10-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201805-446",
            "ident": null
          },
          {
            "date": "2020-10-02T14:49:19.267000",
            "db": "NVD",
            "id": "CVE-2018-7499",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201805-446"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Advantech WebAccess Node bwsound Stack-based Buffer Overflow Remote Code Execution Vulnerability",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-523"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-514"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "_id": null,
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201805-446"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201805-1144

    Vulnerability from variot - Updated: 2024-07-23 22:25

    In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several SQL injection vulnerabilities have been identified, which may allow an attacker to disclose sensitive information from the host. Multiple Advantech WebAccess products contain an SQL injection vulnerability. Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the GetAlarms function in BWMobileService.dll. When parsing the ProjectName parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose sensitive information under the context of the database. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier. Note that this closing list gives WebAccess Scada Node as "8.3.1 and earlier", whereas the opening sentence and the record's CPE data (versionEndExcluding 8.3.1) give the affected range as versions prior to 8.3.1.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201805-1144",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess node",
            "scope": null,
            "trust": 8.4,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "advantech",
            "version": "8.2_20170817"
          },
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "advantech",
            "version": "8.3.0"
          },
          {
            "model": "webaccess dashboard",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "advantech",
            "version": "2.0.15"
          },
          {
            "model": "webaccess scada node",
            "scope": "lt",
            "trust": 1.4,
            "vendor": "advantech",
            "version": "8.3.1"
          },
          {
            "model": "webaccess scada",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "8.3.1"
          },
          {
            "model": "webaccess\\/nms",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "2.0.3"
          },
          {
            "model": "webaccess/nms",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "advantech",
            "version": "2.0.3"
          },
          {
            "model": "webaccess \u003c=8.2 20170817",
            "scope": null,
            "trust": 0.6,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "\u003c=8.3.0"
          },
          {
            "model": "webaccess dashboard",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "\u003c=2.0.15"
          },
          {
            "model": "webaccess/nms",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "\u003c=2.0.3"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.3.0"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.2_20170817"
          },
          {
            "model": "webaccess dashboard",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "2.0.15"
          },
          {
            "model": "webaccess\\/nms",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "2.0.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "webaccess",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess dashboard",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess scada",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess nms",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-481"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-489"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-485"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-488"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-486"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-474"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-553"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-482"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-472"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-480"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-487"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-477"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10317"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005073"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201805-445"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7501"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.2_20170817",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.3.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess_dashboard:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.0.15",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess_scada:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.3.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess\\/nms:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.0.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7501"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "rgod",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-481"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-489"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-485"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-488"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-486"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-474"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-553"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-482"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-472"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-480"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-487"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-477"
          }
        ],
        "trust": 8.4
      },
      "cve": "CVE-2018-7501",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "ZDI",
                "availabilityImpact": "NONE",
                "baseScore": 4.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2018-7501",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "MEDIUM",
                "trust": 6.3,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.0,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2018-7501",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 2.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2018-10317",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 6.5,
                "id": "e2f022cf-39ab-11e9-a809-000c29342cb1",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:A/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-137533",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2018-7501",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "ZDI",
                "id": "CVE-2018-7501",
                "trust": 8.4,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-7501",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-10317",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201805-445",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e2f022cf-39ab-11e9-a809-000c29342cb1",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-137533",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-481"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-489"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-485"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-488"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-486"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-474"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-553"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-482"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-472"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-480"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-487"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-477"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10317"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137533"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005073"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201805-445"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7501"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several SQL injection vulnerabilities have been identified, which may allow an attacker to disclose sensitive information from the host. Multiple Advantech WebAccess products contain an SQL injection vulnerability. Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the GetAlarms function in BWMobileService.dll. When parsing the ProjectName parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose sensitive information under the context of the database. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7501"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005073"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-481"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-477"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-487"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-480"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-472"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-482"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-553"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-474"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-486"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-488"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-485"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-489"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10317"
          },
          {
            "db": "IVD",
            "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137533"
          }
        ],
        "trust": 9.99
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-7501",
            "trust": 11.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-135-01",
            "trust": 3.1
          },
          {
            "db": "BID",
            "id": "104190",
            "trust": 2.3
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201805-445",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10317",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005073",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5611",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-481",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5653",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-489",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5649",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-485",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5652",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-488",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5650",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-486",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5597",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-474",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5590",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-553",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5612",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-482",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5519",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-472",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5610",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-480",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5651",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-487",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5607",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-477",
            "trust": 0.7
          },
          {
            "db": "IVD",
            "id": "E2F022CF-39AB-11E9-A809-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-137533",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-481"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-489"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-485"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-488"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-486"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-474"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-553"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-482"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-472"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-480"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-487"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-477"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10317"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137533"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005073"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201805-445"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7501"
          }
        ]
      },
      "id": "VAR-201805-1144",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10317"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137533"
          }
        ],
        "trust": 1.4944627466666667
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10317"
          }
        ]
      },
      "last_update_date": "2024-07-23T22:25:33.529000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 8.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
          },
          {
            "title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
            "trust": 0.8,
            "url": "http://www.advantech.co.jp/"
          },
          {
            "title": "Patch for Advantech WebAccess SQL Injection Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/130233"
          },
          {
            "title": "Repair measures for SQL injection vulnerabilities in multiple Advantech products",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=80055"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-481"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-489"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-485"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-488"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-486"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-474"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-553"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-482"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-472"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-480"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-487"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-477"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10317"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005073"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201805-445"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-89",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137533"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005073"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7501"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 11.5,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/104190"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7501"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7501"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-481"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-489"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-485"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-488"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-486"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-474"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-553"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-482"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-472"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-480"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-487"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-477"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10317"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137533"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005073"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201805-445"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7501"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-481"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-489"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-485"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-488"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-486"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-474"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-553"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-482"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-472"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-480"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-487"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-477"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10317"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137533"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005073"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201805-445"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7501"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-25T00:00:00",
            "db": "IVD",
            "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-481"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-489"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-485"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-488"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-486"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-474"
          },
          {
            "date": "2018-06-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-553"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-482"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-472"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-480"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-487"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-477"
          },
          {
            "date": "2018-05-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-10317"
          },
          {
            "date": "2018-05-15T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137533"
          },
          {
            "date": "2018-07-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-005073"
          },
          {
            "date": "2018-05-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201805-445"
          },
          {
            "date": "2018-05-15T22:29:00.567000",
            "db": "NVD",
            "id": "CVE-2018-7501"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-481"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-489"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-485"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-488"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-486"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-474"
          },
          {
            "date": "2018-06-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-553"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-482"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-472"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-480"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-487"
          },
          {
            "date": "2018-05-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-477"
          },
          {
            "date": "2018-05-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-10317"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137533"
          },
          {
            "date": "2018-07-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-005073"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201805-445"
          },
          {
            "date": "2019-10-09T23:42:20.113000",
            "db": "NVD",
            "id": "CVE-2018-7501"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201805-445"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "SQL injection vulnerability in multiple Advantech WebAccess products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005073"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "SQL injection",
        "sources": [
          {
            "db": "IVD",
            "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201805-445"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202005-0008

    Vulnerability from variot - Updated: 2024-07-23 22:25

    Advantech WebAccess Node versions 8.4.4 and prior, and version 9.0.0, contain multiple heap-based buffer overflow vulnerabilities caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x0000791d in DATACORE.exe. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required.


    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "webaccess/scada",
            "scope": null,
            "trust": 9.1,
            "vendor": "advantech",
            "version": null
          },
          {
            "_id": null,
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "8.4.4"
          },
          {
            "_id": null,
            "model": "webaccess",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "9.0.0"
          },
          {
            "_id": null,
            "model": "webaccess node",
            "scope": "gte",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.4.4"
          },
          {
            "_id": null,
            "model": "webaccess node",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "9.0.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "webaccess",
            "version": "*"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "webaccess",
            "version": "9.0.0"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
          },
          {
            "db": "IVD",
            "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-593"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-597"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-599"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-631"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-603"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-620"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-601"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-600"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-617"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-621"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-618"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-623"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-616"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-29739"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-10638"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.4.4",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:9.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-10638"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Z0mb1E",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-20-593"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-597"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-599"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-631"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-603"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-620"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-601"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-600"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-617"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-621"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-618"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-623"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-616"
          }
        ],
        "trust": 9.1
      },
      "cve": "CVE-2020-10638",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-29739",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULMON",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2020-10638",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "HIGH",
                "trust": 0.1,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-10638",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 8.4,
                "userInteraction": "NONE",
                "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.2,
                "id": "CVE-2020-10638",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 0.7,
                "userInteraction": "NONE",
                "vectorString": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "ZDI",
                "id": "CVE-2020-10638",
                "trust": 8.4,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-10638",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "ZDI",
                "id": "CVE-2020-10638",
                "trust": 0.7,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-29739",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202005-295",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-10638",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
          },
          {
            "db": "IVD",
            "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-593"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-597"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-599"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-631"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-603"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-620"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-601"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-600"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-617"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-621"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-618"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-623"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-616"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-29739"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-10638"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-295"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-10638"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Advantech WebAccess Node versions 8.4.4 and prior, and version 9.0.0, contain multiple heap-based buffer overflow vulnerabilities caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x0000791d in DATACORE.exe. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required.",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-10638"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-601"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-616"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-623"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-618"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-621"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-617"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-600"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-620"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-603"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-631"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-599"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-597"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-593"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-29739"
          },
          {
            "db": "IVD",
            "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
          },
          {
            "db": "IVD",
            "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-10638"
          }
        ],
        "trust": 10.08
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-10638",
            "trust": 11.8
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-593",
            "trust": 2.4
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-599",
            "trust": 2.4
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-603",
            "trust": 2.4
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-600",
            "trust": 2.4
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-621",
            "trust": 2.4
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-616",
            "trust": 2.4
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-20-128-01",
            "trust": 2.3
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-29739",
            "trust": 1.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-295",
            "trust": 1.0
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-9902",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-9985",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-597",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-9994",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-9892",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-631",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-9897",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-10081",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-620",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-9998",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-601",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-9997",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-9890",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-617",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-10085",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-9891",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-618",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-10337",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-623",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-9889",
            "trust": 0.7
          },
          {
            "db": "NSFOCUS",
            "id": "47382",
            "trust": 0.6
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-635",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.1646",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "95F15ED9-ABD1-4FA7-B3B8-CCE038C93754",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "619B16C7-A995-4CDF-B7BE-D91E2BDC75EC",
            "trust": 0.2
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-10638",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
          },
          {
            "db": "IVD",
            "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-593"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-597"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-599"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-631"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-603"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-620"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-601"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-600"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-617"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-621"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-618"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-623"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-616"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-29739"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-10638"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-295"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-10638"
          }
        ]
      },
      "id": "VAR-202005-0008",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
          },
          {
            "db": "IVD",
            "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-29739"
          }
        ],
        "trust": 1.5788251133333333
      },
      "iot_taxonomy": {
        "_id": null,
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
          },
          {
            "db": "IVD",
            "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-29739"
          }
        ]
      },
      "last_update_date": "2024-07-23T22:25:28.455000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 9.1,
            "url": "https://www.us-cert.gov/ics/advisories/icsa-20-128-36"
          },
          {
            "title": "Patch for Advantech WebAccess Node buffer overflow vulnerability (CNVD-2020-29739)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/218845"
          },
          {
            "title": "Advantech WebAccess Node Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=118647"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-20-593"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-597"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-599"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-631"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-603"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-620"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-601"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-600"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-617"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-621"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-618"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-623"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-616"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-29739"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-295"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-10638"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 9.1,
            "url": "https://www.us-cert.gov/ics/advisories/icsa-20-128-36"
          },
          {
            "trust": 2.9,
            "url": "https://www.us-cert.gov/ics/advisories/icsa-20-128-01"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-20-593/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-20-599/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-20-600/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-20-603/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-20-616/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-20-621/"
          },
          {
            "trust": 0.6,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-20-635/"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10638"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/47382"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.1646/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/181596"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-20-593"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-597"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-599"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-631"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-603"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-620"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-601"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-600"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-617"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-621"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-618"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-623"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-616"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-29739"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-10638"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-295"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-10638"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "IVD",
            "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754",
            "ident": null
          },
          {
            "db": "IVD",
            "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-593",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-597",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-599",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-631",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-603",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-620",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-601",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-600",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-617",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-621",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-618",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-623",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-616",
            "ident": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-29739",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-10638",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-295",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2020-10638",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2020-05-07T00:00:00",
            "db": "IVD",
            "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754",
            "ident": null
          },
          {
            "date": "2020-05-07T00:00:00",
            "db": "IVD",
            "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-593",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-597",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-599",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-631",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-603",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-620",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-601",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-600",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-617",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-621",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-618",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-623",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-616",
            "ident": null
          },
          {
            "date": "2020-05-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-29739",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-10638",
            "ident": null
          },
          {
            "date": "2020-05-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202005-295",
            "ident": null
          },
          {
            "date": "2020-05-08T12:15:11.067000",
            "db": "NVD",
            "id": "CVE-2020-10638",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-593",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-597",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-599",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-631",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-603",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-620",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-601",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-600",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-617",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-621",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-618",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-623",
            "ident": null
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-616",
            "ident": null
          },
          {
            "date": "2020-05-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-29739",
            "ident": null
          },
          {
            "date": "2020-05-12T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-10638",
            "ident": null
          },
          {
            "date": "2021-01-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202005-295",
            "ident": null
          },
          {
            "date": "2021-12-17T16:57:07.227000",
            "db": "NVD",
            "id": "CVE-2020-10638",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-295"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Advantech WebAccess/SCADA BwTCPIP Heap-based Buffer Overflow Remote Code Execution Vulnerability",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-20-620"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-621"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "_id": null,
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "95f15ed9-abd1-4fa7-b3b8-cce038c93754"
          },
          {
            "db": "IVD",
            "id": "619b16c7-a995-4cdf-b7be-d91e2bdc75ec"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-295"
          }
        ],
        "trust": 1.0
      }
    }

    VAR-201601-0038

    Vulnerability from variot - Updated: 2024-07-23 22:22

    Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x27B1 IOCTL in the ViewSrv subsystem. A stack-based buffer overflow vulnerability exists in a call to BwBuildPath. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201601-0038",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": null,
            "trust": 10.5,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "8.0"
          },
          {
            "model": "webaccess",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "64dba96e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-090"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-062"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-094"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-051"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-103"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-113"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-063"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-075"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-055"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-095"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-085"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-115"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-083"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-093"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-073"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00434"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201601-329"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-0856"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-0856"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Anonymous",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-16-090"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-062"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-094"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-051"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-103"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-113"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-063"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-075"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-055"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-095"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-085"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-115"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-083"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-093"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-073"
          }
        ],
        "trust": 10.5
      },
      "cve": "CVE-2016-0856",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2016-0856",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "HIGH",
                "trust": 10.5,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": true,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2016-00434",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "64dba96e-2351-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "ZDI",
                "id": "CVE-2016-0856",
                "trust": 10.5,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2016-0856",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2016-00434",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201601-329",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "64dba96e-2351-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "64dba96e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-090"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-062"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-094"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-051"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-103"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-113"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-063"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-075"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-055"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-095"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-085"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-115"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-083"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-093"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-073"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00434"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201601-329"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-0856"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x27B1 IOCTL in the ViewSrv subsystem. A stack-based buffer overflow vulnerability exists in a call to BwBuildPath. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-0856"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-090"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-073"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-093"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-083"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-115"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-085"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-095"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-055"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-075"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-063"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-113"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-103"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-051"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-094"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-062"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00434"
          },
          {
            "db": "IVD",
            "id": "64dba96e-2351-11e6-abef-000c29c66e3d"
          }
        ],
        "trust": 11.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-0856",
            "trust": 12.9
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-103",
            "trust": 1.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-113",
            "trust": 1.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-115",
            "trust": 1.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-101",
            "trust": 1.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-109",
            "trust": 1.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-110",
            "trust": 1.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-111",
            "trust": 1.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-112",
            "trust": 1.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-116",
            "trust": 1.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-108",
            "trust": 1.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-114",
            "trust": 1.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-120",
            "trust": 1.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-117",
            "trust": 1.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-106",
            "trust": 1.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-102",
            "trust": 1.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-100",
            "trust": 1.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-118",
            "trust": 1.0
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-16-014-01",
            "trust": 1.0
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00434",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201601-329",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-3211",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-090",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-3239",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-062",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-3207",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-094",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-3175",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-051",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-3198",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-3188",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-3238",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-063",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-3226",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-075",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-3246",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-055",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-3206",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-095",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-3216",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-085",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-3185",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-3218",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-083",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-3208",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-093",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-3228",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-073",
            "trust": 0.7
          },
          {
            "db": "CXSECURITY",
            "id": "WLB-2018030263",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "64DBA96E-2351-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "64dba96e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-090"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-062"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-094"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-051"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-103"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-113"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-063"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-075"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-055"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-095"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-085"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-115"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-083"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-093"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-073"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00434"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201601-329"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-0856"
          }
        ]
      },
      "id": "VAR-201601-0038",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "64dba96e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00434"
          }
        ],
        "trust": 1.23267184
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "64dba96e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00434"
          }
        ]
      },
      "last_update_date": "2024-07-23T22:22:04.421000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 10.5,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-014-01"
          },
          {
            "title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability (CNVD-2016-00434)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/70378"
          },
          {
            "title": "Advantech WebAccess Fixes for stack-based buffer overflow vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=59647"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-16-090"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-062"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-094"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-051"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-103"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-113"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-063"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-075"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-055"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-095"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-085"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-115"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-083"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-093"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-073"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00434"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201601-329"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-0856"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 11.5,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-014-01"
          },
          {
            "trust": 1.0,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-16-100"
          },
          {
            "trust": 1.0,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-16-101"
          },
          {
            "trust": 1.0,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-16-102"
          },
          {
            "trust": 1.0,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-16-103"
          },
          {
            "trust": 1.0,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-16-106"
          },
          {
            "trust": 1.0,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-16-108"
          },
          {
            "trust": 1.0,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-16-109"
          },
          {
            "trust": 1.0,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-16-110"
          },
          {
            "trust": 1.0,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-16-111"
          },
          {
            "trust": 1.0,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-16-112"
          },
          {
            "trust": 1.0,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-16-113"
          },
          {
            "trust": 1.0,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-16-114"
          },
          {
            "trust": 1.0,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-16-115"
          },
          {
            "trust": 1.0,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-16-116"
          },
          {
            "trust": 1.0,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-16-117"
          },
          {
            "trust": 1.0,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-16-118"
          },
          {
            "trust": 1.0,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-16-120"
          },
          {
            "trust": 0.6,
            "url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0856"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/issue/wlb-2018030263"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-16-090"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-062"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-094"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-051"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-103"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-113"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-063"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-075"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-055"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-095"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-085"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-115"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-083"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-093"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-073"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00434"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201601-329"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-0856"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "64dba96e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-090"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-062"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-094"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-051"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-103"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-113"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-063"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-075"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-055"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-095"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-085"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-115"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-083"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-093"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-073"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00434"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201601-329"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-0856"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-01-25T00:00:00",
            "db": "IVD",
            "id": "64dba96e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-090"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-062"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-094"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-051"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-103"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-113"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-063"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-075"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-055"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-095"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-085"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-115"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-083"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-093"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-073"
          },
          {
            "date": "2016-01-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-00434"
          },
          {
            "date": "2016-01-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201601-329"
          },
          {
            "date": "2016-01-15T03:59:18.250000",
            "db": "NVD",
            "id": "CVE-2016-0856"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-090"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-062"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-094"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-051"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-103"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-113"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-063"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-075"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-055"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-095"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-085"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-115"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-083"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-093"
          },
          {
            "date": "2016-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-073"
          },
          {
            "date": "2016-01-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-00434"
          },
          {
            "date": "2021-08-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201601-329"
          },
          {
            "date": "2016-12-03T03:18:18.117000",
            "db": "NVD",
            "id": "CVE-2016-0856"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201601-329"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess webvrpcs Service DrawSrv.dll Path BwBuildPath Stack-Based Buffer Overflow Remote Code Execution Vulnerability",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-16-094"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-093"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201601-329"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201904-0181

    Vulnerability from variot - Updated: 2024-07-23 22:21

    Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow vulnerabilities, caused by a lack of proper validation of the length of user-supplied data, may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwmakdir.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer overflow vulnerability exists in Advantech WebAccess/SCADA. This vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in erroneous read and write operations to other associated memory locations.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201904-0181",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": null,
            "trust": 10.5,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "8.3.5"
          },
          {
            "model": "webaccess/scada",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "\u003c=8.3.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-322"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-311"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-329"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-325"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-313"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-317"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-328"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-320"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-318"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-308"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-330"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-315"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-585"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-323"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-327"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-08948"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6550"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.3.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-6550"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mat Powell of Trend Micro Zero Day Initiative",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-19-322"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-311"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-329"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-325"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-313"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-317"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-328"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-320"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-318"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-308"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-330"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-315"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-585"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-323"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-327"
          }
        ],
        "trust": 10.5
      },
      "cve": "CVE-2019-6550",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-08948",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-157985",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-6550",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 10.5,
                "userInteraction": "NONE",
                "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "ZDI",
                "id": "CVE-2019-6550",
                "trust": 10.5,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-6550",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-08948",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201904-089",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-157985",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-322"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-311"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-329"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-325"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-313"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-317"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-328"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-320"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-318"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-308"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-330"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-315"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-585"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-323"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-327"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-08948"
          },
          {
            "db": "VULHUB",
            "id": "VHN-157985"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-089"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6550"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow vulnerabilities, caused by a lack of proper validation of the length of user-supplied data, may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within bwmakdir.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer overflow vulnerability exists in Advantech WebAccess/SCADA. This vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in execution to other associated memory locations. erroneous read and write operations",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-6550"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-322"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-327"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-323"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-585"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-315"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-330"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-308"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-318"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-320"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-328"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-317"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-313"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-325"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-329"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-311"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-08948"
          },
          {
            "db": "IVD",
            "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
          },
          {
            "db": "VULHUB",
            "id": "VHN-157985"
          }
        ],
        "trust": 11.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-6550",
            "trust": 13.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-585",
            "trust": 2.4
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-19-092-01",
            "trust": 2.3
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-330",
            "trust": 1.3
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-089",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-08948",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7914",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-322",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7899",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-311",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7924",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-329",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7927",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-325",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7901",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-313",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7905",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-317",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7882",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-328",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7913",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-320",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7910",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-318",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7884",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-308",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7930",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7903",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-315",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7911",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7925",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-323",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7881",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-327",
            "trust": 0.7
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.1113",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "107675",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "4D85A7A9-A091-4C59-84E6-73C8B6639498",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-157985",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-322"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-311"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-329"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-325"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-313"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-317"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-328"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-320"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-318"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-308"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-330"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-315"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-585"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-323"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-327"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-08948"
          },
          {
            "db": "VULHUB",
            "id": "VHN-157985"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-089"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6550"
          }
        ]
      },
      "id": "VAR-201904-0181",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-08948"
          },
          {
            "db": "VULHUB",
            "id": "VHN-157985"
          }
        ],
        "trust": 1.44565702
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-08948"
          }
        ]
      },
      "last_update_date": "2024-07-23T22:21:36.530000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 4.9,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-092-01"
          },
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 4.9,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-091-01"
          },
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-092-01"
          },
          {
            "title": "Patch for Advantech WebAccess/SCADA Buffer Overflow Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/157945"
          },
          {
            "title": "Advantech WebAccess/SCADA Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=91013"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-19-322"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-311"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-329"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-325"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-313"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-317"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-328"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-320"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-318"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-308"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-330"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-315"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-585"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-323"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-327"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-08948"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-089"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-119",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-157985"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6550"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 7.2,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-092-01"
          },
          {
            "trust": 4.9,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-091-01"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-585/"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/bid/107675"
          },
          {
            "trust": 0.7,
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-092-01"
          },
          {
            "trust": 0.6,
            "url": "https://support.advantech.com/support/downloadsrdetail_new.aspx?sr_id=1-ms9mjv\u0026doc_source=download"
          },
          {
            "trust": 0.6,
            "url": "https://www.advantech.com/"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6550"
          },
          {
            "trust": 0.6,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-330/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/78318"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-19-322"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-311"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-329"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-325"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-313"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-317"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-328"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-320"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-318"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-308"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-330"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-315"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-585"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-323"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-327"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-08948"
          },
          {
            "db": "VULHUB",
            "id": "VHN-157985"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-089"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6550"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-322"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-311"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-329"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-325"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-313"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-317"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-328"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-320"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-318"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-308"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-330"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-315"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-585"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-323"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-327"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-08948"
          },
          {
            "db": "VULHUB",
            "id": "VHN-157985"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-089"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-6550"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-04-03T00:00:00",
            "db": "IVD",
            "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-322"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-311"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-329"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-325"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-313"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-317"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-328"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-320"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-318"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-308"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-330"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-315"
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-585"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-323"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-327"
          },
          {
            "date": "2019-04-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-08948"
          },
          {
            "date": "2019-04-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-157985"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201904-089"
          },
          {
            "date": "2019-04-05T19:29:00.310000",
            "db": "NVD",
            "id": "CVE-2019-6550"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-322"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-311"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-329"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-325"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-313"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-317"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-328"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-320"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-318"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-308"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-330"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-315"
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-585"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-323"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-327"
          },
          {
            "date": "2019-04-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-08948"
          },
          {
            "date": "2020-10-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-157985"
          },
          {
            "date": "2020-10-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201904-089"
          },
          {
            "date": "2020-10-06T14:02:16.967000",
            "db": "NVD",
            "id": "CVE-2019-6550"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-089"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess/SCADA Buffer Overflow Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-08948"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "4d85a7a9-a091-4c59-84e6-73c8b6639498"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-089"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201805-0169

    Vulnerability from variot - Updated: 2024-02-13 22:42

    Advantech WebAccess 8.1 and earlier contains a DLL hijacking vulnerability which may allow an attacker to run a malicious DLL file within the search path, resulting in execution of arbitrary code. Advantech WebAccess contains a vulnerability related to uncontrolled search path elements. Information may be obtained or altered, and service operation may be disrupted (DoS). Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A DLL hijacking vulnerability exists in Advantech WebAccess 8.1 and earlier. Advantech WebAccess is prone to a local arbitrary code-execution vulnerability because it fails to sanitize user-supplied input. Advantech WebAccess 8.1 and prior are vulnerable.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201805-0169",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "\u003c=8.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "7.2"
          },
          {
            "model": "webaccess",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e867d17f-0f33-4c9b-9b45-ee5b53126343"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-02043"
          },
          {
            "db": "BID",
            "id": "96210"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013424"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-609"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5175"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-5175"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Li MingZheng Kuangn",
        "sources": [
          {
            "db": "BID",
            "id": "96210"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-5175",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2017-5175",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.6,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2017-02043",
                "impactScore": 9.2,
                "integrityImpact": "COMPLETE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.6,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "e867d17f-0f33-4c9b-9b45-ee5b53126343",
                "impactScore": 9.2,
                "integrityImpact": "COMPLETE",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-113378",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-5175",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-5175",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-02043",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201702-609",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e867d17f-0f33-4c9b-9b45-ee5b53126343",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-113378",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-5175",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e867d17f-0f33-4c9b-9b45-ee5b53126343"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-02043"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113378"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5175"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013424"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-609"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5175"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess 8.1 and earlier contains a DLL hijacking vulnerability which may allow an attacker to run a malicious DLL file within the search path, resulting in execution of arbitrary code. Advantech WebAccess contains a vulnerability related to uncontrolled search path elements. Information may be obtained or altered, and service operation may be disrupted (DoS). Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A DLL hijacking vulnerability exists in Advantech WebAccess 8.1 and earlier. Advantech WebAccess is prone to a local arbitrary code-execution vulnerability because it fails to sanitize user-supplied input. \nAdvantech WebAccess 8.1 and prior are vulnerable",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-5175"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013424"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-02043"
          },
          {
            "db": "BID",
            "id": "96210"
          },
          {
            "db": "IVD",
            "id": "e867d17f-0f33-4c9b-9b45-ee5b53126343"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113378"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5175"
          }
        ],
        "trust": 2.79
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-5175",
            "trust": 3.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-045-01",
            "trust": 3.5
          },
          {
            "db": "BID",
            "id": "96210",
            "trust": 2.1
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-609",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-02043",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013424",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "E867D17F-0F33-4C9B-9B45-EE5B53126343",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-113378",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5175",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e867d17f-0f33-4c9b-9b45-ee5b53126343"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-02043"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113378"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5175"
          },
          {
            "db": "BID",
            "id": "96210"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013424"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-609"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5175"
          }
        ]
      },
      "id": "VAR-201805-0169",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e867d17f-0f33-4c9b-9b45-ee5b53126343"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-02043"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113378"
          }
        ],
        "trust": 1.33267184
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e867d17f-0f33-4c9b-9b45-ee5b53126343"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-02043"
          }
        ]
      },
      "last_update_date": "2024-02-13T22:42:04.534000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "http://www.advantech.co.jp/industrial-automation/webaccess"
          },
          {
            "title": "Advantech WebAccess DLL hijacking vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/89770"
          },
          {
            "title": "Advantech WebAccess Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68206"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-02043"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013424"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-609"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-427",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-113378"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013424"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5175"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.2,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-045-01"
          },
          {
            "trust": 1.8,
            "url": "http://www.securityfocus.com/bid/96210"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5175"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5175"
          },
          {
            "trust": 0.3,
            "url": "http://webaccess.advantech.com"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-045-01 "
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/427.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-02043"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113378"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5175"
          },
          {
            "db": "BID",
            "id": "96210"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013424"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-609"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5175"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e867d17f-0f33-4c9b-9b45-ee5b53126343"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-02043"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113378"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5175"
          },
          {
            "db": "BID",
            "id": "96210"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013424"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-609"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5175"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-02-26T00:00:00",
            "db": "IVD",
            "id": "e867d17f-0f33-4c9b-9b45-ee5b53126343"
          },
          {
            "date": "2017-02-26T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-02043"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-113378"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-5175"
          },
          {
            "date": "2017-02-14T00:00:00",
            "db": "BID",
            "id": "96210"
          },
          {
            "date": "2018-07-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-013424"
          },
          {
            "date": "2017-02-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201702-609"
          },
          {
            "date": "2018-05-09T19:29:00.247000",
            "db": "NVD",
            "id": "CVE-2017-5175"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-02-26T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-02043"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-113378"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-5175"
          },
          {
            "date": "2017-03-07T03:03:00",
            "db": "BID",
            "id": "96210"
          },
          {
            "date": "2018-07-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-013424"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201702-609"
          },
          {
            "date": "2019-10-09T23:28:12.853000",
            "db": "NVD",
            "id": "CVE-2017-5175"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "BID",
            "id": "96210"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-609"
          }
        ],
        "trust": 0.9
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess DLL Hijacking vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "e867d17f-0f33-4c9b-9b45-ee5b53126343"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-02043"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Code problem",
        "sources": [
          {
            "db": "IVD",
            "id": "e867d17f-0f33-4c9b-9b45-ee5b53126343"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-609"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201810-0128

    Vulnerability from variot - Updated: 2024-02-13 22:30

    Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer overflow. A remote authenticated attacker could potentially exploit this vulnerability by sending a crafted HTTP request to broadweb/system/opcImg.asp. Advantech WebAccess contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0128",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "advantech",
            "version": "8.3.2"
          },
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "\u003c=8.3.2"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.3.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fe7ab1-39ab-11e9-8710-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21797"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011103"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1121"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-15704"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.3.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-15704"
          }
        ]
      },
      "cve": "CVE-2018-15704",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2018-15704",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-21797",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "e2fe7ab1-39ab-11e9-8710-000c29342cb1",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "VHN-125990",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2018-15704",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2018-15704",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-21797",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201810-1121",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e2fe7ab1-39ab-11e9-8710-000c29342cb1",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-125990",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-15704",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fe7ab1-39ab-11e9-8710-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21797"
          },
          {
            "db": "VULHUB",
            "id": "VHN-125990"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-15704"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011103"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1121"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-15704"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer overflow vulnerability. A remote authenticated attacker could potentially exploit this vulnerability by sending a crafted HTTP request to broadweb/system/opcImg.asp. Advantech WebAccess Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-15704"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011103"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21797"
          },
          {
            "db": "IVD",
            "id": "e2fe7ab1-39ab-11e9-8710-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-125990"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-15704"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-15704",
            "trust": 3.4
          },
          {
            "db": "TENABLE",
            "id": "TRA-2018-33",
            "trust": 2.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1121",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21797",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011103",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "E2FE7AB1-39AB-11E9-8710-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-125990",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-15704",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fe7ab1-39ab-11e9-8710-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21797"
          },
          {
            "db": "VULHUB",
            "id": "VHN-125990"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-15704"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011103"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1121"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-15704"
          }
        ]
      },
      "id": "VAR-201810-0128",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2fe7ab1-39ab-11e9-8710-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21797"
          },
          {
            "db": "VULHUB",
            "id": "VHN-125990"
          }
        ],
        "trust": 1.33267184
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fe7ab1-39ab-11e9-8710-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21797"
          }
        ]
      },
      "last_update_date": "2024-02-13T22:30:41.829000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "http://www.advantech.com/industrial-automation/webaccess/webaccessscada"
          },
          {
            "title": "Check Point Security Alerts: Advantech WebAccess Buffer Overflow (CVE-2018-15704)",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=check_point_security_alerts\u0026qid=ead700aab13b40fd4fe05b6f6af7e21e"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-15704"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011103"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-119",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-125990"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011103"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-15704"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://www.tenable.com/security/research/tra-2018-33"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15704"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15704"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://advisories.checkpoint.com/defense/advisories/public/2024/cpai-2018-2677.html"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-21797"
          },
          {
            "db": "VULHUB",
            "id": "VHN-125990"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-15704"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011103"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1121"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-15704"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2fe7ab1-39ab-11e9-8710-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21797"
          },
          {
            "db": "VULHUB",
            "id": "VHN-125990"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-15704"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011103"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1121"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-15704"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-10-26T00:00:00",
            "db": "IVD",
            "id": "e2fe7ab1-39ab-11e9-8710-000c29342cb1"
          },
          {
            "date": "2018-10-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-21797"
          },
          {
            "date": "2018-10-22T00:00:00",
            "db": "VULHUB",
            "id": "VHN-125990"
          },
          {
            "date": "2018-10-22T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-15704"
          },
          {
            "date": "2019-01-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-011103"
          },
          {
            "date": "2018-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-1121"
          },
          {
            "date": "2018-10-22T19:29:00.453000",
            "db": "NVD",
            "id": "CVE-2018-15704"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-10-26T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-21797"
          },
          {
            "date": "2020-08-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-125990"
          },
          {
            "date": "2020-08-24T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-15704"
          },
          {
            "date": "2019-01-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-011103"
          },
          {
            "date": "2020-08-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-1121"
          },
          {
            "date": "2020-08-24T17:37:01.140000",
            "db": "NVD",
            "id": "CVE-2018-15704"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1121"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011103"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1121"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1121"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201708-1119

    Vulnerability from variot - Updated: 2024-02-06 22:53

    A heap-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validation of the length of user-supplied data prior to copying it to the heap-based buffer, which could allow an attacker to execute arbitrary code under the context of the process. Advantech WebAccess contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple stack-based buffer-overflow vulnerabilities. 2. Multiple heap-based buffer-overflow vulnerabilities. 3. Multiple memory-corruption vulnerabilities. 4. An SQL-injection vulnerability. 5. A format-string vulnerability. 6. An authentication-bypass vulnerability. 7. A security-bypass vulnerability. 8. A privilege-escalation vulnerability. 9. A remote-code execution vulnerability. Successful exploitation may aid in further attacks. Advantech WebAccess versions prior to V8.2_20170817 are vulnerable. The vulnerability stems from the fact that the program does not fully verify the length of the data submitted by the user.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201708-1119",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "8.2"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "advantech",
            "version": "8.2"
          },
          {
            "model": "webaccess",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "advantech",
            "version": "8.2_20170817"
          },
          {
            "model": "webaccess \u003cv8.2 20170817",
            "scope": null,
            "trust": 0.6,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess 8.2 20170330",
            "scope": null,
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess 8.1 20160519",
            "scope": null,
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess 8.0 20150816",
            "scope": null,
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8"
          },
          {
            "model": "webaccess 8.2 20170817",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-23883"
          },
          {
            "db": "BID",
            "id": "100526"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007399"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1280"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-12704"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-12704"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Fritz Sands, rgod, Tenable Network Security, an anonymous researcher all working with Trend Micro's Zero Day Initiative, and Haojun Hou and DongWang from ADLab of Venustech.",
        "sources": [
          {
            "db": "BID",
            "id": "100526"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-12704",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2017-12704",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-23883",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-103253",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-12704",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-12704",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-23883",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201708-1280",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-103253",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-12704",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-23883"
          },
          {
            "db": "VULHUB",
            "id": "VHN-103253"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-12704"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007399"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1280"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-12704"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A heap-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validation of the length of user-supplied data prior to copying it to the heap-based buffer, which could allow an attacker to execute arbitrary code under the context of the process. Advantech WebAccess contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple stack-based buffer-overflow vulnerabilities.\n2. Multiple heap-based buffer-overflow vulnerabilities.\n3. Multiple memory-corruption vulnerabilities.\n4. An SQL-injection vulnerability.\n5. A format-string vulnerability.\n6. An authentication-bypass vulnerability.\n7. A security-bypass vulnerability.\n8. A privilege-escalation vulnerability.\n9. A remote-code execution vulnerability. This may aid in further attacks.\nAdvantech WebAccess versions prior to V8.2_20170817 are vulnerable. The vulnerability stems from the fact that the program does not fully verify the length of the data submitted by the user.",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-12704"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007399"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-23883"
          },
          {
            "db": "BID",
            "id": "100526"
          },
          {
            "db": "IVD",
            "id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9"
          },
          {
            "db": "VULHUB",
            "id": "VHN-103253"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-12704"
          }
        ],
        "trust": 2.79
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-12704",
            "trust": 3.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-241-02",
            "trust": 3.5
          },
          {
            "db": "BID",
            "id": "100526",
            "trust": 2.1
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1280",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-23883",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007399",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "96D43DE0-3F58-40E3-841A-E1B2D8A8FCD9",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-103253",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-12704",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-23883"
          },
          {
            "db": "VULHUB",
            "id": "VHN-103253"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-12704"
          },
          {
            "db": "BID",
            "id": "100526"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007399"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1280"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-12704"
          }
        ]
      },
      "id": "VAR-201708-1119",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-23883"
          },
          {
            "db": "VULHUB",
            "id": "VHN-103253"
          }
        ],
        "trust": 1.582453675
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-23883"
          }
        ]
      },
      "last_update_date": "2024-02-06T22:53:18.967000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "http://www.advantech.com/industrial-automation/webaccess"
          },
          {
            "title": "Patch for Advantech WebAccess HEAP Buffer Overflow Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/101167"
          },
          {
            "title": "Advantech WebAccess Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=74369"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-23883"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007399"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1280"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-103253"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007399"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-12704"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.5,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-241-02"
          },
          {
            "trust": 1.9,
            "url": "http://www.securityfocus.com/bid/100526"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12704"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12704"
          },
          {
            "trust": 0.3,
            "url": "http://webaccess.advantech.com"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-23883"
          },
          {
            "db": "VULHUB",
            "id": "VHN-103253"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-12704"
          },
          {
            "db": "BID",
            "id": "100526"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007399"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1280"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-12704"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-23883"
          },
          {
            "db": "VULHUB",
            "id": "VHN-103253"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-12704"
          },
          {
            "db": "BID",
            "id": "100526"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007399"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1280"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-12704"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-08-30T00:00:00",
            "db": "IVD",
            "id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9"
          },
          {
            "date": "2017-08-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-23883"
          },
          {
            "date": "2017-08-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-103253"
          },
          {
            "date": "2017-08-30T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-12704"
          },
          {
            "date": "2017-08-29T00:00:00",
            "db": "BID",
            "id": "100526"
          },
          {
            "date": "2017-09-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-007399"
          },
          {
            "date": "2017-08-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201708-1280"
          },
          {
            "date": "2017-08-30T18:29:00.407000",
            "db": "NVD",
            "id": "CVE-2017-12704"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-08-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-23883"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-103253"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-12704"
          },
          {
            "date": "2017-08-29T00:00:00",
            "db": "BID",
            "id": "100526"
          },
          {
            "date": "2017-09-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-007399"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201708-1280"
          },
          {
            "date": "2019-10-09T23:23:10.230000",
            "db": "NVD",
            "id": "CVE-2017-12704"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1280"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007399"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1280"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "96d43de0-3f58-40e3-841a-e1b2d8a8fcd9"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1280"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201801-0138

    Vulnerability from variot - Updated: 2023-12-26 22:44

    A SQL Injection issue was discovered in WebAccess versions prior to 8.3. WebAccess does not properly sanitize its inputs for SQL commands. Advantech WebAccess contains an SQL injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within ChkAdminViewUsrPwd1, called from mailPg.asp. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code under the context of the web service. Advantech WebAccess (formerly known as BroadWin WebAccess) is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple denial-of-service vulnerabilities 2. Multiple stack-based buffer-overflow vulnerabilities 3. A directory-traversal vulnerability 4. An SQL-injection vulnerability 5. Failed attacks will cause denial of service conditions. Advantech WebAccess versions prior to 8.3 are vulnerable.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201801-0138",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": null,
            "trust": 3.5,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "lt",
            "trust": 2.4,
            "vendor": "advantech",
            "version": "8.3"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "advantech",
            "version": "7.2"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.0"
          },
          {
            "model": "webaccess 8.2 20170330",
            "scope": null,
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.2"
          },
          {
            "model": "webaccess 8.1 20160519",
            "scope": null,
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess 8.0 20150816",
            "scope": null,
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8"
          },
          {
            "model": "webaccess",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e0b981-39ab-11e9-83ba-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-026"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-064"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-065"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-027"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-028"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00669"
          },
          {
            "db": "BID",
            "id": "102424"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011764"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16716"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-244"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-16716"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Steven Seeley (mr_me) of Offensive Security",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-026"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-027"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-028"
          }
        ],
        "trust": 2.1
      },
      "cve": "CVE-2017-16716",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-16716",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "MEDIUM",
                "trust": 3.5,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": true,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2017-16716",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-00669",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "e2e0b981-39ab-11e9-83ba-000c29342cb1",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-107666",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-16716",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "ZDI",
                "id": "CVE-2017-16716",
                "trust": 3.5,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-16716",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-00669",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201801-244",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e2e0b981-39ab-11e9-83ba-000c29342cb1",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-107666",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-16716",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e0b981-39ab-11e9-83ba-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-026"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-064"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-065"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-027"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-028"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00669"
          },
          {
            "db": "VULHUB",
            "id": "VHN-107666"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-16716"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011764"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16716"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-244"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A SQL Injection issue was discovered in WebAccess versions prior to 8.3. WebAccess does not properly sanitize its inputs for SQL commands. An SQL injection vulnerability exists in Advantech WebAccess. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within ChkAdminViewUsrPwd1, called from mailPg.asp. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code under the context of the web service. Advantech WebAccess (formerly known as BroadWin WebAccess) is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple denial-of-service vulnerabilities\n2. Multiple stack-based buffer-overflow vulnerabilities\n3. A directory-traversal vulnerability\n4. An SQL-injection vulnerability\n5. Failed attacks will cause denial of service conditions.\nVersions prior to Advantech WebAccess 8.3 are vulnerable",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-16716"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011764"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-026"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-064"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-065"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-027"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-028"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00669"
          },
          {
            "db": "BID",
            "id": "102424"
          },
          {
            "db": "IVD",
            "id": "e2e0b981-39ab-11e9-83ba-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-107666"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-16716"
          }
        ],
        "trust": 5.94
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-107666",
            "trust": 0.1,
            "type": "unknown"
          },
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=43928",
            "trust": 0.1,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-107666"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-16716"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-16716",
            "trust": 7.2
          },
          {
            "db": "BID",
            "id": "102424",
            "trust": 3.5
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-004-02",
            "trust": 2.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "43928",
            "trust": 1.2
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-244",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00669",
            "trust": 0.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-004-02A",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011764",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-4994",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-026",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5398",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-064",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5407",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-065",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-4995",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-027",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-4996",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-028",
            "trust": 0.7
          },
          {
            "db": "NSFOCUS",
            "id": "38634",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "E2E0B981-39AB-11E9-83BA-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "146149",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-107666",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-16716",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e0b981-39ab-11e9-83ba-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-026"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-064"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-065"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-027"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-028"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00669"
          },
          {
            "db": "VULHUB",
            "id": "VHN-107666"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-16716"
          },
          {
            "db": "BID",
            "id": "102424"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011764"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16716"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-244"
          }
        ]
      },
      "id": "VAR-201801-0138",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2e0b981-39ab-11e9-83ba-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00669"
          },
          {
            "db": "VULHUB",
            "id": "VHN-107666"
          }
        ],
        "trust": 1.4966049
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e0b981-39ab-11e9-83ba-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00669"
          }
        ]
      },
      "last_update_date": "2023-12-26T22:44:16.545000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 3.5,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-004-02"
          },
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "http://www.advantech.com/industrial-automation/webaccess"
          },
          {
            "title": "Patch for Advantech WebAccess SQL Injection Vulnerability (CNVD-2018-00669)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/113117"
          },
          {
            "title": "Repair measures for the Advantech WebAccess SQL injection vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77555"
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/lnick2023/nicenice "
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/qazbnm456/awesome-cve-poc "
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-026"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-064"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-065"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-027"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-028"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00669"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-16716"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011764"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-244"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-89",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-107666"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011764"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16716"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 5.6,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-004-02"
          },
          {
            "trust": 3.3,
            "url": "http://www.securityfocus.com/bid/102424"
          },
          {
            "trust": 1.3,
            "url": "https://www.exploit-db.com/exploits/43928/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-16716"
          },
          {
            "trust": 0.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-004-02a"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-16716"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/38634"
          },
          {
            "trust": 0.3,
            "url": "http://webaccess.advantech.com"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/89.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/qazbnm456/awesome-cve-poc"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-026"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-064"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-065"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-027"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-028"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00669"
          },
          {
            "db": "VULHUB",
            "id": "VHN-107666"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-16716"
          },
          {
            "db": "BID",
            "id": "102424"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011764"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16716"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-244"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2e0b981-39ab-11e9-83ba-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-026"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-064"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-065"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-027"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-028"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00669"
          },
          {
            "db": "VULHUB",
            "id": "VHN-107666"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-16716"
          },
          {
            "db": "BID",
            "id": "102424"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011764"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16716"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-244"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-01-10T00:00:00",
            "db": "IVD",
            "id": "e2e0b981-39ab-11e9-83ba-000c29342cb1"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-026"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-064"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-065"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-027"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-028"
          },
          {
            "date": "2018-01-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-00669"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-107666"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-16716"
          },
          {
            "date": "2018-01-04T00:00:00",
            "db": "BID",
            "id": "102424"
          },
          {
            "date": "2018-01-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-011764"
          },
          {
            "date": "2018-01-05T08:29:00.267000",
            "db": "NVD",
            "id": "CVE-2017-16716"
          },
          {
            "date": "2018-01-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201801-244"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-026"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-064"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-065"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-027"
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-028"
          },
          {
            "date": "2018-01-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-00669"
          },
          {
            "date": "2018-02-02T00:00:00",
            "db": "VULHUB",
            "id": "VHN-107666"
          },
          {
            "date": "2018-02-02T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-16716"
          },
          {
            "date": "2018-01-04T00:00:00",
            "db": "BID",
            "id": "102424"
          },
          {
            "date": "2018-04-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-011764"
          },
          {
            "date": "2018-02-02T02:29:01.137000",
            "db": "NVD",
            "id": "CVE-2017-16716"
          },
          {
            "date": "2018-01-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201801-244"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-244"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess In  SQL Injection vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011764"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "SQL injection",
        "sources": [
          {
            "db": "IVD",
            "id": "e2e0b981-39ab-11e9-83ba-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-244"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201912-0756

    Vulnerability from variot - Updated: 2023-12-18 13:43

    Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary code or cause a denial of service (memory corruption) due to a stack-based buffer overflow when handling IOCTL 70533 RPC messages. Advantech WebAccess contains an out-of-bounds vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Advantech WebAccess is a set of HMI/SCADA software based on a browser architecture, from Advantech of Taiwan, China. The software supports dynamic graphic display and real-time data control, and provides the ability to remotely control and manage automation equipment.

    A buffer overflow vulnerability exists in Advantech WebAccess versions prior to 8.4.3. The vulnerability arises when a network system or product incorrectly validates data boundaries while performing operations on memory, causing incorrect read and write operations to be performed on other associated memory locations. An attacker could use this vulnerability to cause a buffer overflow or heap overflow.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201912-0756",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": "lt",
            "trust": 2.4,
            "vendor": "advantech",
            "version": "8.4.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "c5586c26-c6eb-4540-ac12-d193950f7b2d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-45387"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013206"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-3951"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.4.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-3951"
          }
        ]
      },
      "cve": "CVE-2019-3951",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2019-3951",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-45387",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "c5586c26-c6eb-4540-ac12-d193950f7b2d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-155386",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-3951",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2019-3951",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-45387",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201912-657",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "c5586c26-c6eb-4540-ac12-d193950f7b2d",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-155386",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "c5586c26-c6eb-4540-ac12-d193950f7b2d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-45387"
          },
          {
            "db": "VULHUB",
            "id": "VHN-155386"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013206"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-3951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-657"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary code or cause a denial of service (memory corruption) due to a stack-based buffer overflow when handling IOCTL 70533 RPC messages. Advantech WebAccess Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a set of HMI / SCADA software based on browser architecture by Advantech of Taiwan, China. The software supports dynamic graphic display and real-time data control, and provides the ability to remotely control and manage automation equipment. \n\nA buffer overflow vulnerability exists in Advantech WebAccess versions prior to 8.4.3. The vulnerability originates from a network system or product that incorrectly validates data boundaries when performing operations on memory, causing incorrect read and write operations to be performed on other associated memory locations. An attacker could use this vulnerability to cause a buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-3951"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013206"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-45387"
          },
          {
            "db": "IVD",
            "id": "c5586c26-c6eb-4540-ac12-d193950f7b2d"
          },
          {
            "db": "VULHUB",
            "id": "VHN-155386"
          }
        ],
        "trust": 2.43
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-3951",
            "trust": 3.3
          },
          {
            "db": "TENABLE",
            "id": "TRA-2019-52",
            "trust": 3.1
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-657",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-45387",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013206",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "C5586C26-C6EB-4540-AC12-D193950F7B2D",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-155386",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "c5586c26-c6eb-4540-ac12-d193950f7b2d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-45387"
          },
          {
            "db": "VULHUB",
            "id": "VHN-155386"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013206"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-3951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-657"
          }
        ]
      },
      "id": "VAR-201912-0756",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "c5586c26-c6eb-4540-ac12-d193950f7b2d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-45387"
          },
          {
            "db": "VULHUB",
            "id": "VHN-155386"
          }
        ],
        "trust": 1.33267184
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "c5586c26-c6eb-4540-ac12-d193950f7b2d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-45387"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:43:09.533000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "https://www.advantech.co.jp/industrial-automation/webaccess"
          },
          {
            "title": "Patch for Advantech WebAccess Buffer Overflow Vulnerability (CNVD-2019-45387)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/194185"
          },
          {
            "title": "Advantech WebAccess Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=105656"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-45387"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013206"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-657"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-155386"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013206"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-3951"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "https://www.tenable.com/security/research/tra-2019-52"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-3951"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3951"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-45387"
          },
          {
            "db": "VULHUB",
            "id": "VHN-155386"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013206"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-3951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-657"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "c5586c26-c6eb-4540-ac12-d193950f7b2d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-45387"
          },
          {
            "db": "VULHUB",
            "id": "VHN-155386"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013206"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-3951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-657"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-16T00:00:00",
            "db": "IVD",
            "id": "c5586c26-c6eb-4540-ac12-d193950f7b2d"
          },
          {
            "date": "2019-12-16T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-45387"
          },
          {
            "date": "2019-12-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-155386"
          },
          {
            "date": "2019-12-23T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013206"
          },
          {
            "date": "2019-12-12T21:15:12.120000",
            "db": "NVD",
            "id": "CVE-2019-3951"
          },
          {
            "date": "2019-12-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-657"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-16T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-45387"
          },
          {
            "date": "2019-12-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-155386"
          },
          {
            "date": "2019-12-23T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013206"
          },
          {
            "date": "2019-12-18T19:56:48.257000",
            "db": "NVD",
            "id": "CVE-2019-3951"
          },
          {
            "date": "2020-06-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-657"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-657"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess Vulnerable to out-of-bounds writing",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013206"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "c5586c26-c6eb-4540-ac12-d193950f7b2d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-657"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201705-3745

    Vulnerability from variot - Updated: 2023-12-18 13:29

    An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior. The absolute path traversal vulnerability may allow an attacker to traverse the file system to access restricted files or directories. Advantech WebAccess contains a path traversal vulnerability. Information may be obtained and service operation may be interrupted (DoS). This vulnerability allows remote attackers to cause a denial of service condition on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability. The specific flaw exists within odbcPg4.asp. An attacker can leverage this vulnerability to overwrite key web files which will disable functionality on the target machine. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A directory traversal vulnerability exists in Advantech WebAccess due to the application's failure to adequately filter user-supplied input. A remote attacker could exploit the vulnerability to retrieve sensitive information and execute arbitrary code through a specially crafted request with a directory traversal sequence ('../'). This may aid in further attacks. Advantech WebAccess version 8.1 and prior are vulnerable.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201705-3745",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "webaccess",
            "scope": null,
            "trust": 0.7,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "\u003c=8.1"
          },
          {
            "model": "webaccess 8.0 20150816",
            "scope": null,
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "7.2"
          },
          {
            "model": "webaccess 8.2 20170330",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-322"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-06980"
          },
          {
            "db": "BID",
            "id": "98311"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003931"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-7929"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-931"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-7929"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Zhou Yu",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-322"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2017-7929",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "impactScore": 4.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2017-7929",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "ZDI",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2017-7929",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "MEDIUM",
                "trust": 0.7,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2017-06980",
                "impactScore": 4.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e",
                "impactScore": 4.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "VHN-116132",
                "impactScore": 4.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "impactScore": 4.2,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.1,
                "baseSeverity": "High",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2017-7929",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-7929",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "ZDI",
                "id": "CVE-2017-7929",
                "trust": 0.7,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-06980",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201704-931",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-116132",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-322"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-06980"
          },
          {
            "db": "VULHUB",
            "id": "VHN-116132"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003931"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-7929"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-931"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior. The absolute path traversal vulnerability has been identified, which may allow an attacker to traverse the file system to access restricted files or directories. Advantech WebAccess Contains a path traversal vulnerability.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers  to cause a denial of service condition on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability.The specific flaw exists within odbcPg4.asp.  An attacker can leverage this vulnerability to overwrite key web files which will disable functionality on the target machine. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A directory traversal vulnerability exists in Advantech WebAccess due to the application\u0027s failure to adequately filter user-supplied input. A remote attacker exploited the vulnerability to retrieve sensitive information and execute arbitrary code through a specially crafted request with a directory traversal sequence (\u0027../\u0027). This may aid in further attacks. \nAdvantech WebAccess version 8.1 and prior are vulnerable",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-7929"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003931"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-322"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-06980"
          },
          {
            "db": "BID",
            "id": "98311"
          },
          {
            "db": "IVD",
            "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
          },
          {
            "db": "VULHUB",
            "id": "VHN-116132"
          }
        ],
        "trust": 3.33
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-7929",
            "trust": 4.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-124-03",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "98311",
            "trust": 2.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-931",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-06980",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003931",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-4013",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-322",
            "trust": 0.7
          },
          {
            "db": "IVD",
            "id": "72B8F504-9FAF-4E5E-9287-87F7CB248C3E",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-116132",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-322"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-06980"
          },
          {
            "db": "VULHUB",
            "id": "VHN-116132"
          },
          {
            "db": "BID",
            "id": "98311"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003931"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-7929"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-931"
          }
        ]
      },
      "id": "VAR-201705-3745",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-06980"
          },
          {
            "db": "VULHUB",
            "id": "VHN-116132"
          }
        ],
        "trust": 1.437764485
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-06980"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:29:17.529000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "http://www.advantech.com/industrial-automation/webaccess"
          },
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-124-03"
          },
          {
            "title": "Patch for Advantech WebAccess Directory Traversal Vulnerability (CNVD-2017-06980)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/93984"
          },
          {
            "title": "Advantech WebAccess Repair measures for path traversal vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=99746"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-322"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-06980"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003931"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-931"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-22",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-116132"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003931"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-7929"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.5,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-124-03"
          },
          {
            "trust": 2.3,
            "url": "http://www.securityfocus.com/bid/98311"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7929"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7929"
          },
          {
            "trust": 0.3,
            "url": "http://www.advantech.in/"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-322"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-06980"
          },
          {
            "db": "VULHUB",
            "id": "VHN-116132"
          },
          {
            "db": "BID",
            "id": "98311"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003931"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-7929"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-931"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-322"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-06980"
          },
          {
            "db": "VULHUB",
            "id": "VHN-116132"
          },
          {
            "db": "BID",
            "id": "98311"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003931"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-7929"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-931"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-05-19T00:00:00",
            "db": "IVD",
            "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
          },
          {
            "date": "2017-05-04T00:00:00",
            "db": "ZDI",
            "id": "ZDI-17-322"
          },
          {
            "date": "2017-05-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-06980"
          },
          {
            "date": "2017-05-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-116132"
          },
          {
            "date": "2017-05-04T00:00:00",
            "db": "BID",
            "id": "98311"
          },
          {
            "date": "2017-06-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-003931"
          },
          {
            "date": "2017-05-06T00:29:00.490000",
            "db": "NVD",
            "id": "CVE-2017-7929"
          },
          {
            "date": "2017-04-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201704-931"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-05-04T00:00:00",
            "db": "ZDI",
            "id": "ZDI-17-322"
          },
          {
            "date": "2017-05-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-06980"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-116132"
          },
          {
            "date": "2017-05-23T16:23:00",
            "db": "BID",
            "id": "98311"
          },
          {
            "date": "2017-06-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-003931"
          },
          {
            "date": "2019-10-09T23:29:59.843000",
            "db": "NVD",
            "id": "CVE-2017-7929"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201704-931"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-931"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess Path traversal vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003931"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-931"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Path traversal",
        "sources": [
          {
            "db": "IVD",
            "id": "72b8f504-9faf-4e5e-9287-87f7cb248c3e"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-931"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201810-0493

    Vulnerability from variot - Updated: 2023-12-18 13:28

    WebAccess versions 8.3.2 and prior are affected. The application fails to properly validate the length of user-supplied data, causing a buffer overflow condition that allows for arbitrary remote code execution. WebAccess contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Client. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwswfcfg.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess software is the core of Advantech's IoT application platform solution, providing users with an HTML5-based user interface for a cross-platform, cross-browser data access experience. A stack buffer overflow vulnerability exists in Advantech WebAccess. The vulnerability stems from the software's failure to properly verify the length of the data provided by the user. Advantech WebAccess is prone to the following security vulnerabilities: 1. This may aid in further attacks. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0493",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "advantech",
            "version": "8.3.2"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "advantech",
            "version": "8.3.2"
          },
          {
            "model": "webaccess",
            "scope": null,
            "trust": 0.7,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "\u003c=8.3.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.3.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.3"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.2"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8"
          },
          {
            "model": "webaccess",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.3.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fec8d0-39ab-11e9-b9a9-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1330"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21937"
          },
          {
            "db": "BID",
            "id": "105736"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011340"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17910"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1273"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.3.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-17910"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mat Powell of Trend Micro Zero Day Initiative",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1330"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2018-17910",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.3,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2018-17910",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-21937",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "e2fec8d0-39ab-11e9-b9a9-000c29342cb1",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "VHN-128417",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2018-17910",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2018-17910",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 0.7,
                "userInteraction": "REQUIRED",
                "vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2018-17910",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "ZDI",
                "id": "CVE-2018-17910",
                "trust": 0.7,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-21937",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201810-1273",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e2fec8d0-39ab-11e9-b9a9-000c29342cb1",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-128417",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fec8d0-39ab-11e9-b9a9-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1330"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21937"
          },
          {
            "db": "VULHUB",
            "id": "VHN-128417"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011340"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17910"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1273"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WebAccess Versions 8.3.2 and prior. The application fails to properly validate the length of user-supplied data, causing a buffer overflow condition that allows for arbitrary remote code execution. WebAccess Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Client. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwswfcfg.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech (Advantech) WebAccess software is the core of Advantech\u0027s IoT application platform solution, providing users with a user interface based on HTML5 technology to achieve cross-platform and cross-browser data access experience. A stack buffer overflow vulnerability exists in Advantech WebAccess. The vulnerability stems from the fact that the software failed to properly verify the length of the data provided by the user. Advantech WebAccess is prone to the following security vulnerabilities:\n1. This may aid in further attacks. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-17910"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011340"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1330"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21937"
          },
          {
            "db": "BID",
            "id": "105736"
          },
          {
            "db": "IVD",
            "id": "e2fec8d0-39ab-11e9-b9a9-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-128417"
          }
        ],
        "trust": 3.33
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-17910",
            "trust": 4.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-298-02",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "105736",
            "trust": 2.0
          },
          {
            "db": "SECTRACK",
            "id": "1041957",
            "trust": 1.7
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1273",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21937",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011340",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7166",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1330",
            "trust": 0.7
          },
          {
            "db": "IVD",
            "id": "E2FEC8D0-39AB-11E9-B9A9-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-128417",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fec8d0-39ab-11e9-b9a9-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1330"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21937"
          },
          {
            "db": "VULHUB",
            "id": "VHN-128417"
          },
          {
            "db": "BID",
            "id": "105736"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011340"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17910"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1273"
          }
        ]
      },
      "id": "VAR-201810-0493",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2fec8d0-39ab-11e9-b9a9-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21937"
          },
          {
            "db": "VULHUB",
            "id": "VHN-128417"
          }
        ],
        "trust": 1.33267184
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fec8d0-39ab-11e9-b9a9-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21937"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:28:43.188000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "https://www.advantech.com/industrial-automation/webaccess/webaccessscada"
          },
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-298-02"
          },
          {
            "title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability (CNVD-2018-21937)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/143397"
          },
          {
            "title": "Advantech WebAccess Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=86345"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1330"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21937"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011340"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1273"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-128417"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011340"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17910"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 4.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-298-02"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/105736"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1041957"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-17910"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-17910"
          },
          {
            "trust": 0.3,
            "url": "http://webaccess.advantech.com"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1330"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21937"
          },
          {
            "db": "VULHUB",
            "id": "VHN-128417"
          },
          {
            "db": "BID",
            "id": "105736"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011340"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17910"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1273"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2fec8d0-39ab-11e9-b9a9-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1330"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21937"
          },
          {
            "db": "VULHUB",
            "id": "VHN-128417"
          },
          {
            "db": "BID",
            "id": "105736"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011340"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17910"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1273"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-10-28T00:00:00",
            "db": "IVD",
            "id": "e2fec8d0-39ab-11e9-b9a9-000c29342cb1"
          },
          {
            "date": "2018-10-31T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1330"
          },
          {
            "date": "2018-10-28T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-21937"
          },
          {
            "date": "2018-10-29T00:00:00",
            "db": "VULHUB",
            "id": "VHN-128417"
          },
          {
            "date": "2018-10-25T00:00:00",
            "db": "BID",
            "id": "105736"
          },
          {
            "date": "2019-01-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-011340"
          },
          {
            "date": "2018-10-29T18:29:08.823000",
            "db": "NVD",
            "id": "CVE-2018-17910"
          },
          {
            "date": "2018-10-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-1273"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-10-31T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1330"
          },
          {
            "date": "2018-10-28T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-21937"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-128417"
          },
          {
            "date": "2018-10-25T00:00:00",
            "db": "BID",
            "id": "105736"
          },
          {
            "date": "2019-01-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-011340"
          },
          {
            "date": "2019-10-09T23:37:02.613000",
            "db": "NVD",
            "id": "CVE-2018-17910"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-1273"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1273"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WebAccess Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011340"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "e2fec8d0-39ab-11e9-b9a9-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1273"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201810-0492

    Vulnerability from variot - Updated: 2023-12-18 13:28

    WebAccess Versions 8.3.2 and prior. During installation, the application installer disables user access control and does not re-enable it after the installation is complete. This could allow an attacker to run arbitrary code with elevated privileges. WebAccess contains an access control vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows local attackers to escalate privileges on vulnerable installations of Advantech WebAccess Node. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the access controls that are set and modified during the installation of the product. Advantech WebAccess software is the core of Advantech's IoT application platform solution, providing users with a user interface based on HTML5 technology for cross-platform and cross-browser data access. Advantech WebAccess is prone to the following security vulnerabilities: 1. A stack-based buffer overflow vulnerability 2. [the rest of the list is truncated in the source record] This may aid in further attacks. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0492",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "advantech",
            "version": "8.3.2"
          },
          {
            "model": "webaccess",
            "scope": null,
            "trust": 1.4,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "advantech",
            "version": "8.3.2"
          },
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "\u003c=8.3.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.3.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.3"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.2"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8"
          },
          {
            "model": "webaccess",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.3.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fec8cf-39ab-11e9-89cc-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1331"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1329"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21936"
          },
          {
            "db": "BID",
            "id": "105736"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011341"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17908"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1272"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.3.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-17908"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mat Powell of Trend Micro Zero Day Initiative",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1331"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1329"
          }
        ],
        "trust": 1.4
      },
      "cve": "CVE-2018-17908",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 7.2,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2018-17908",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-21936",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "e2fec8cf-39ab-11e9-89cc-000c29342cb1",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-128414",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.5,
                "id": "CVE-2018-17908",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.4,
                "userInteraction": "NONE",
                "vectorString": "AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2018-17908",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2018-17908",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "ZDI",
                "id": "CVE-2018-17908",
                "trust": 1.4,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-21936",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201810-1272",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e2fec8cf-39ab-11e9-89cc-000c29342cb1",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-128414",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fec8cf-39ab-11e9-89cc-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1331"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1329"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21936"
          },
          {
            "db": "VULHUB",
            "id": "VHN-128414"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011341"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17908"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1272"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Affects WebAccess versions 8.3.2 and prior. During installation, the application installer disables user access control and does not re-enable it after the installation is complete. This could allow an attacker to run arbitrary code with elevated privileges. WebAccess contains an access control vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows local attackers to escalate privileges on vulnerable installations of Advantech WebAccess Node. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the access controls that are set and modified during the installation of the product. Advantech (Advantech) WebAccess software is the core of Advantech\u0027s IoT application platform solution, providing users with a user interface based on HTML5 technology to achieve a cross-platform and cross-browser data access experience. Advantech WebAccess is prone to the following security vulnerabilities:\n1. A stack-based buffer overflow vulnerability\n2. This may aid in further attacks. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-17908"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011341"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1331"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1329"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21936"
          },
          {
            "db": "BID",
            "id": "105736"
          },
          {
            "db": "IVD",
            "id": "e2fec8cf-39ab-11e9-89cc-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-128414"
          }
        ],
        "trust": 3.96
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-17908",
            "trust": 5.0
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-298-02",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "105736",
            "trust": 2.0
          },
          {
            "db": "SECTRACK",
            "id": "1041957",
            "trust": 1.7
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1272",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21936",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011341",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7167",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1331",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7154",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1329",
            "trust": 0.7
          },
          {
            "db": "IVD",
            "id": "E2FEC8CF-39AB-11E9-89CC-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-128414",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fec8cf-39ab-11e9-89cc-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1331"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1329"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21936"
          },
          {
            "db": "VULHUB",
            "id": "VHN-128414"
          },
          {
            "db": "BID",
            "id": "105736"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011341"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17908"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1272"
          }
        ]
      },
      "id": "VAR-201810-0492",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2fec8cf-39ab-11e9-89cc-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21936"
          },
          {
            "db": "VULHUB",
            "id": "VHN-128414"
          }
        ],
        "trust": 1.33267184
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fec8cf-39ab-11e9-89cc-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21936"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:28:43.141000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 1.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-298-02"
          },
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "https://www.advantech.com/industrial-automation/webaccess/webaccessscada"
          },
          {
            "title": "Advantech WebAccess improper access control vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/143395"
          },
          {
            "title": "Advantech WebAccess Fixes for access control error vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=86344"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1331"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1329"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21936"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011341"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1272"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-284",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-128414"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011341"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17908"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 4.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-298-02"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/105736"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1041957"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-17908"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-17908"
          },
          {
            "trust": 0.3,
            "url": "http://webaccess.advantech.com"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1331"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1329"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21936"
          },
          {
            "db": "VULHUB",
            "id": "VHN-128414"
          },
          {
            "db": "BID",
            "id": "105736"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011341"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17908"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1272"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2fec8cf-39ab-11e9-89cc-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1331"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1329"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21936"
          },
          {
            "db": "VULHUB",
            "id": "VHN-128414"
          },
          {
            "db": "BID",
            "id": "105736"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-011341"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17908"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1272"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-10-28T00:00:00",
            "db": "IVD",
            "id": "e2fec8cf-39ab-11e9-89cc-000c29342cb1"
          },
          {
            "date": "2018-10-31T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1331"
          },
          {
            "date": "2018-10-31T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1329"
          },
          {
            "date": "2018-10-28T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-21936"
          },
          {
            "date": "2018-10-29T00:00:00",
            "db": "VULHUB",
            "id": "VHN-128414"
          },
          {
            "date": "2018-10-25T00:00:00",
            "db": "BID",
            "id": "105736"
          },
          {
            "date": "2019-01-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-011341"
          },
          {
            "date": "2018-10-29T18:29:08.277000",
            "db": "NVD",
            "id": "CVE-2018-17908"
          },
          {
            "date": "2018-10-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-1272"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-10-31T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1331"
          },
          {
            "date": "2018-10-31T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1329"
          },
          {
            "date": "2018-10-28T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-21936"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-128414"
          },
          {
            "date": "2018-10-25T00:00:00",
            "db": "BID",
            "id": "105736"
          },
          {
            "date": "2019-01-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-011341"
          },
          {
            "date": "2019-10-09T23:37:02.363000",
            "db": "NVD",
            "id": "CVE-2018-17908"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-1272"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1272"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess Improper Access Control Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "e2fec8cf-39ab-11e9-89cc-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21936"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Access control error",
        "sources": [
          {
            "db": "IVD",
            "id": "e2fec8cf-39ab-11e9-89cc-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1272"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201705-2332

    Vulnerability from variot - Updated: 2023-12-18 13:24

    upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote authenticated administrators to obtain sensitive password information via unspecified vectors. Authentication is required to exploit this vulnerability. The specific flaw exists within upAdminPg.asp. One project administrator can view other project administrators' passwords along with the system administrator's password. An attacker can leverage this vulnerability to escalate privileges within the system. Advantech WebAccess (formerly known as BroadWin WebAccess) is a suite of browser-based HMI/SCADA software from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. ActiveX is one of the components used to transmit dynamic images in surveillance. A version of ActiveX prior to Advantech WebAccess 8.1_20160519 has a security vulnerability. An attacker could exploit the vulnerability to insert or run arbitrary code on an affected system


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201705-2332",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "webaccess",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "advantech",
            "version": "8.1_20160519"
          },
          {
            "model": "webaccess",
            "scope": null,
            "trust": 0.7,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess \u003c8.1 20160519",
            "scope": null,
            "trust": 0.6,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-429"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-10506"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-008542"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5810"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-867"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-5810"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Zhou Yu",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-16-429"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2016-5810",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.0,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2016-5810",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "ZDI",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2016-5810",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "MEDIUM",
                "trust": 0.7,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2016-10506",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "VHN-94629",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.9,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2016-5810",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2016-5810",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "ZDI",
                "id": "CVE-2016-5810",
                "trust": 0.7,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2016-10506",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201610-867",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-94629",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-429"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-10506"
          },
          {
            "db": "VULHUB",
            "id": "VHN-94629"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-008542"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5810"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-867"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote authenticated administrators to obtain sensitive password information via unspecified vectors. Authentication is required to exploit this vulnerability.The specific flaw exists within upAdminPg.asp. One project administrator can view other project administrators\u0027 passwords along with the system administrator\u0027s password. An attacker can leverage this vulnerability to escalate privileges within the system. Advantech WebAccess (formerly known as BroadWin WebAccess) is a suite of browser-based HMI/SCADA software from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. ActiveX is one of the components used to transmit dynamic images in surveillance. A version of ActiveX prior to Advantech WebAccess 8.1_20160519 has a security vulnerability. An attacker could exploit the vulnerability to insert or run arbitrary code on an affected system",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-5810"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-008542"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-429"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-10506"
          },
          {
            "db": "IVD",
            "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
          },
          {
            "db": "VULHUB",
            "id": "VHN-94629"
          }
        ],
        "trust": 3.06
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-5810",
            "trust": 4.0
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-16-173-01",
            "trust": 3.1
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-429",
            "trust": 2.4
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-867",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-10506",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-008542",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-3746",
            "trust": 0.7
          },
          {
            "db": "IVD",
            "id": "29796EEF-56CD-4EE0-AEFC-005C9EC1B53A",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-94629",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-429"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-10506"
          },
          {
            "db": "VULHUB",
            "id": "VHN-94629"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-008542"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5810"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-867"
          }
        ]
      },
      "id": "VAR-201705-2332",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-10506"
          },
          {
            "db": "VULHUB",
            "id": "VHN-94629"
          }
        ],
        "trust": 1.473478785
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-10506"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:24:27.954000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "http://www.advantech.com/industrial-automation/webaccess"
          },
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-173-01"
          },
          {
            "title": "Advantech WebAccess ActiveX vulnerable patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/83391"
          },
          {
            "title": "Advantech WebAccess ActiveX Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65188"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-16-429"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-10506"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-008542"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-867"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-94629"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-008542"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5810"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-173-01"
          },
          {
            "trust": 1.7,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-16-429"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5810"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5810"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-16-429"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-10506"
          },
          {
            "db": "VULHUB",
            "id": "VHN-94629"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-008542"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5810"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-867"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
          },
          {
            "db": "ZDI",
            "id": "ZDI-16-429"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-10506"
          },
          {
            "db": "VULHUB",
            "id": "VHN-94629"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-008542"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5810"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-867"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-11-02T00:00:00",
            "db": "IVD",
            "id": "29796eef-56cd-4ee0-aefc-005c9ec1b53a"
          },
          {
            "date": "2016-07-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-429"
          },
          {
            "date": "2016-11-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-10506"
          },
          {
            "date": "2017-05-02T00:00:00",
            "db": "VULHUB",
            "id": "VHN-94629"
          },
          {
            "date": "2017-06-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-008542"
          },
          {
            "date": "2017-05-02T14:59:00.487000",
            "db": "NVD",
            "id": "CVE-2016-5810"
          },
          {
            "date": "2016-10-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201610-867"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-07-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-16-429"
          },
          {
            "date": "2016-11-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-10506"
          },
          {
            "date": "2017-05-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-94629"
          },
          {
            "date": "2017-06-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-008542"
          },
          {
            "date": "2017-05-11T16:36:48.103000",
            "db": "NVD",
            "id": "CVE-2016-5810"
          },
          {
            "date": "2017-05-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201610-867"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-867"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess of  upAdminPg.asp Vulnerable to obtaining important password information",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-008542"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-867"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201606-0256

    Vulnerability from variot - Updated: 2023-12-18 13:24

    Unspecified ActiveX controls in Advantech WebAccess before 8.1_20160519 allow remote authenticated users to obtain sensitive information or modify data via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag. Advantech WebAccess (formerly known as BroadWin WebAccess) is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. An arbitrary code execution vulnerability exists in Advantech WebAccess prior to 8.1_20160519, which was caused by a program that marked an unsafe ActiveX control as safe-for-scripting. An attacker could exploit this vulnerability to insert and execute arbitrary code. Advantech WebAccess is prone to the following security vulnerabilities: 1. A local buffer-overflow vulnerability. Local attackers can exploit these issues to perform unauthorized actions and crash the affected application, denying service to legitimate users. Due to the nature of these issues, code execution may be possible but this has not been confirmed. Versions prior to Advantech WebAccess 8.1_20160519 are vulnerable.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201606-0256",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "webaccess",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "advantech",
            "version": "8.1_20160519"
          },
          {
            "model": "webaccess \u003c8.1 20160519",
            "scope": null,
            "trust": 0.6,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d1bda473-0057-42ed-8e3b-7d90bc3a661a"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04291"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003355"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-4525"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-505"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-4525"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Zhou Yu of Acorn Network Security.",
        "sources": [
          {
            "db": "BID",
            "id": "91346"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2016-4525",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.4,
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "LOW",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.3,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2016-4525",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2016-04291",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "d1bda473-0057-42ed-8e3b-7d90bc3a661a",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.4,
                "id": "VHN-93344",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:L/AC:M/AU:N/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.3,
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.6,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2016-4525",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2016-4525",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2016-04291",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201606-505",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "IVD",
                "id": "d1bda473-0057-42ed-8e3b-7d90bc3a661a",
                "trust": 0.2,
                "value": "LOW"
              },
              {
                "author": "VULHUB",
                "id": "VHN-93344",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d1bda473-0057-42ed-8e3b-7d90bc3a661a"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04291"
          },
          {
            "db": "VULHUB",
            "id": "VHN-93344"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003355"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-4525"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-505"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Unspecified ActiveX controls in Advantech WebAccess before 8.1_20160519 allow remote authenticated users to obtain sensitive information or modify data via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag. Advantech WebAccess (formerly known as BroadWin WebAccess) is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. An arbitrary code execution vulnerability exists in Advantech WebAccess prior to 8.1_20160519, which was caused by a program that marked an unsafe ActiveX control as safe-for-scripting. An attacker could exploit this vulnerability to insert and execute arbitrary code. Advantech WebAccess is prone to the following security vulnerabilities:\n1. A local buffer-overflow vulnerability\nLocal attackers can exploit these issues to perform unauthorized actions and crash the affected application; denying service to legitimate users. Due to  the nature of these issues, code-execution may be possible but this has not been confirmed. \nVersions prior to Advantech WebAccess 8.1_20160519 are vulnerable",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-4525"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003355"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04291"
          },
          {
            "db": "BID",
            "id": "91346"
          },
          {
            "db": "IVD",
            "id": "d1bda473-0057-42ed-8e3b-7d90bc3a661a"
          },
          {
            "db": "VULHUB",
            "id": "VHN-93344"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-4525",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-16-173-01",
            "trust": 3.1
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2016.1575",
            "trust": 1.2
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-505",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04291",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003355",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "91346",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "D1BDA473-0057-42ED-8E3B-7D90BC3A661A",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-93344",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d1bda473-0057-42ed-8e3b-7d90bc3a661a"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04291"
          },
          {
            "db": "VULHUB",
            "id": "VHN-93344"
          },
          {
            "db": "BID",
            "id": "91346"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003355"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-4525"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-505"
          }
        ]
      },
      "id": "VAR-201606-0256",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "d1bda473-0057-42ed-8e3b-7d90bc3a661a"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04291"
          },
          {
            "db": "VULHUB",
            "id": "VHN-93344"
          }
        ],
        "trust": 1.473478785
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d1bda473-0057-42ed-8e3b-7d90bc3a661a"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04291"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:24:27.915000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "http://www.advantech.com/industrial-automation/webaccess"
          },
          {
            "title": "Patch for Advantech WebAccess arbitrary code execution vulnerability (CNVD-2016-04291)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/78107"
          },
          {
            "title": "Advantech WebAccess Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62426"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-04291"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003355"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-505"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-4525"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-173-01"
          },
          {
            "trust": 1.2,
            "url": "http://www.auscert.org.au/./render.html?it=36102"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4525"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4525"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-04291"
          },
          {
            "db": "VULHUB",
            "id": "VHN-93344"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003355"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-4525"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-505"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "d1bda473-0057-42ed-8e3b-7d90bc3a661a"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04291"
          },
          {
            "db": "VULHUB",
            "id": "VHN-93344"
          },
          {
            "db": "BID",
            "id": "91346"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003355"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-4525"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-505"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-06-24T00:00:00",
            "db": "IVD",
            "id": "d1bda473-0057-42ed-8e3b-7d90bc3a661a"
          },
          {
            "date": "2016-06-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-04291"
          },
          {
            "date": "2016-06-25T00:00:00",
            "db": "VULHUB",
            "id": "VHN-93344"
          },
          {
            "date": "2016-06-21T00:00:00",
            "db": "BID",
            "id": "91346"
          },
          {
            "date": "2016-06-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-003355"
          },
          {
            "date": "2016-06-25T01:59:01.457000",
            "db": "NVD",
            "id": "CVE-2016-4525"
          },
          {
            "date": "2016-06-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201606-505"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-06-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-04291"
          },
          {
            "date": "2016-06-28T00:00:00",
            "db": "VULHUB",
            "id": "VHN-93344"
          },
          {
            "date": "2016-06-21T00:00:00",
            "db": "BID",
            "id": "91346"
          },
          {
            "date": "2016-06-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-003355"
          },
          {
            "date": "2016-06-28T14:21:49.963000",
            "db": "NVD",
            "id": "CVE-2016-4525"
          },
          {
            "date": "2016-06-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201606-505"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "BID",
            "id": "91346"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-505"
          }
        ],
        "trust": 0.9
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess Unspecified  ActiveX Vulnerabilities that capture important information in controls",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003355"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "IVD",
            "id": "d1bda473-0057-42ed-8e3b-7d90bc3a661a"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-505"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201606-0258

    Vulnerability from variot - Updated: 2023-12-18 13:24

    Buffer overflow in Advantech WebAccess before 8.1_20160519 allows local users to cause a denial of service via a crafted DLL file. Advantech WebAccess (formerly known as BroadWin WebAccess) is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer overflow vulnerability exists in versions prior to Advantech WebAccess 8.1_20160519. An attacker could exploit this vulnerability to insert and execute arbitrary code with a specially crafted DLL file. Advantech WebAccess is prone to the following security vulnerabilities: (1) an unsafe ActiveX control local security vulnerability (which appears to be the issue recorded on this page as VAR-201606-0256 / CVE-2016-4525); (2) a local buffer-overflow vulnerability. Local attackers can exploit these issues to perform unauthorized actions and crash the affected application, denying service to legitimate users. Due to the nature of these issues, code execution may be possible, but this has not been confirmed.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201606-0258",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "webaccess",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "advantech",
            "version": "8.1_20160519"
          },
          {
            "model": "webaccess \u003c8.1 20160519",
            "scope": null,
            "trust": 0.6,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "686c7746-d588-4c1e-99ee-d9fb20515c64"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04267"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003326"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-4528"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-488"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-4528"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Zhou Yu of Acorn Network Security.",
        "sources": [
          {
            "db": "BID",
            "id": "91346"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2016-4528",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.3,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2016-4528",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 4.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2016-04267",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 4.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "686c7746-d588-4c1e-99ee-d9fb20515c64",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "VHN-93347",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 5.0,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.3,
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 5.0,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2016-4528",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2016-4528",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2016-04267",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201606-488",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "686c7746-d588-4c1e-99ee-d9fb20515c64",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-93347",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "686c7746-d588-4c1e-99ee-d9fb20515c64"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04267"
          },
          {
            "db": "VULHUB",
            "id": "VHN-93347"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003326"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-4528"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-488"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow in Advantech WebAccess before 8.1_20160519 allows local users to cause a denial of service via a crafted DLL file. Advantech WebAccess (formerly known as BroadWin WebAccess) is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer overflow vulnerability exists in versions prior to Advantech WebAccess 8.1_20160519. An attacker could exploit this vulnerability to insert and execute arbitrary code with a specially crafted DLL file. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Unsafe ActiveX control local security vulnerability\n2. A local buffer-overflow vulnerability\nLocal attackers can exploit these issues to perform unauthorized actions and crash the affected application, denying service to legitimate users. Due to the nature of these issues, code execution may be possible, but this has not been confirmed.",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-4528"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003326"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04267"
          },
          {
            "db": "BID",
            "id": "91346"
          },
          {
            "db": "IVD",
            "id": "686c7746-d588-4c1e-99ee-d9fb20515c64"
          },
          {
            "db": "VULHUB",
            "id": "VHN-93347"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-4528",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-16-173-01",
            "trust": 3.1
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-488",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04267",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003326",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "91346",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "686C7746-D588-4C1E-99EE-D9FB20515C64",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-93347",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "686c7746-d588-4c1e-99ee-d9fb20515c64"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04267"
          },
          {
            "db": "VULHUB",
            "id": "VHN-93347"
          },
          {
            "db": "BID",
            "id": "91346"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003326"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-4528"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-488"
          }
        ]
      },
      "id": "VAR-201606-0258",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "686c7746-d588-4c1e-99ee-d9fb20515c64"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04267"
          },
          {
            "db": "VULHUB",
            "id": "VHN-93347"
          }
        ],
        "trust": 1.473478785
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "686c7746-d588-4c1e-99ee-d9fb20515c64"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04267"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:24:27.873000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "http://www.advantech.com/industrial-automation/webaccess"
          },
          {
            "title": "Patch for Advantech WebAccess Buffer Overflow Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/78041"
          },
          {
            "title": "Advantech WebAccess Buffer Overflow Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62414"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-04267"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003326"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-488"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-93347"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003326"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-4528"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-173-01"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4528"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4528"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-04267"
          },
          {
            "db": "VULHUB",
            "id": "VHN-93347"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003326"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-4528"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-488"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "686c7746-d588-4c1e-99ee-d9fb20515c64"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04267"
          },
          {
            "db": "VULHUB",
            "id": "VHN-93347"
          },
          {
            "db": "BID",
            "id": "91346"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003326"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-4528"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-488"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-06-23T00:00:00",
            "db": "IVD",
            "id": "686c7746-d588-4c1e-99ee-d9fb20515c64"
          },
          {
            "date": "2016-06-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-04267"
          },
          {
            "date": "2016-06-25T00:00:00",
            "db": "VULHUB",
            "id": "VHN-93347"
          },
          {
            "date": "2016-06-21T00:00:00",
            "db": "BID",
            "id": "91346"
          },
          {
            "date": "2016-06-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-003326"
          },
          {
            "date": "2016-06-25T01:59:02.563000",
            "db": "NVD",
            "id": "CVE-2016-4528"
          },
          {
            "date": "2016-06-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201606-488"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-06-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-04267"
          },
          {
            "date": "2016-06-27T00:00:00",
            "db": "VULHUB",
            "id": "VHN-93347"
          },
          {
            "date": "2016-06-21T00:00:00",
            "db": "BID",
            "id": "91346"
          },
          {
            "date": "2016-06-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-003326"
          },
          {
            "date": "2016-06-27T17:14:46.213000",
            "db": "NVD",
            "id": "CVE-2016-4528"
          },
          {
            "date": "2016-06-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201606-488"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-488"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess Buffer Overflow Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "686c7746-d588-4c1e-99ee-d9fb20515c64"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04267"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-488"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "686c7746-d588-4c1e-99ee-d9fb20515c64"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-488"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201509-0432

    Vulnerability from variot - Updated: 2023-12-18 13:14

    Multiple stack-based buffer overflows in an unspecified DLL file in Advantech WebAccess before 8.0_20150816 allow remote attackers to execute arbitrary code via a crafted file that triggers long string arguments to functions. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech, China. A heap buffer overflow vulnerability exists in Advantech WebAccess. A local attacker could exploit the vulnerability to execute arbitrary code and may also cause a denial of service. Advantech WebAccess is prone to a local stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Failed exploit attempts will likely cause denial-of-service conditions. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. Note that this summary appears to combine descriptions from several of the source databases listed in the entry, and they disagree on whether the overflow is stack- or heap-based and whether the attacker is remote or local; every CVSS v2 vector recorded in the entry below uses a local access vector (AV:L).


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201509-0432",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "advantech",
            "version": "8.0"
          },
          {
            "model": "webaccess",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "advantech",
            "version": "8.0_20150816"
          },
          {
            "model": "webaccess",
            "scope": null,
            "trust": 0.6,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8"
          },
          {
            "model": "webaccess 8.0 20150816",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "8.0"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "726d326e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-06219"
          },
          {
            "db": "BID",
            "id": "76753"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008132"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9202"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201509-257"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-9202"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Ivan Sanchez from Nullcode Team",
        "sources": [
          {
            "db": "BID",
            "id": "76753"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201509-257"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2014-9202",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.9,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.4,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 6.9,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2014-9202",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2015-06219",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "726d326e-2351-11e6-abef-000c29c66e3d",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.9,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.4,
                "id": "VHN-77147",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2014-9202",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2015-06219",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201509-257",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "726d326e-2351-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-77147",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "726d326e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-06219"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77147"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008132"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9202"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201509-257"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple stack-based buffer overflows in an unspecified DLL file in Advantech WebAccess before 8.0_20150816 allow remote attackers to execute arbitrary code via a crafted file that triggers long string arguments to functions. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech, China. A heap buffer overflow vulnerability exists in Advantech WebAccess. A local attacker could exploit the vulnerability to execute arbitrary code and may also cause a denial of service. Advantech WebAccess is prone to a local stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Failed exploit attempts will likely cause denial-of-service conditions. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-9202"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008132"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-06219"
          },
          {
            "db": "BID",
            "id": "76753"
          },
          {
            "db": "IVD",
            "id": "726d326e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77147"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-9202",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-15-258-04",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "76753",
            "trust": 1.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201509-257",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-06219",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008132",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "726D326E-2351-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-77147",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "726d326e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-06219"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77147"
          },
          {
            "db": "BID",
            "id": "76753"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008132"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9202"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201509-257"
          }
        ]
      },
      "id": "VAR-201509-0432",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "726d326e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-06219"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77147"
          }
        ],
        "trust": 1.33267184
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "726d326e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-06219"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:14:36.167000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "http://www2.advantech.co.jp/products/gf-1m94v/advantech-webaccess/mod_b975c492-56b3-4eba-8bbb-5b6d3483ee9d.aspx"
          },
          {
            "title": "Patch for Advantech WebAccess heap buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/64469"
          },
          {
            "title": "Advantech WebAccess Fixes for heap-based buffer overflow vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=57755"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2015-06219"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008132"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201509-257"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-77147"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008132"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9202"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-15-258-04"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/bid/76753"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9202"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9202"
          },
          {
            "trust": 0.3,
            "url": "http://webaccess.advantech.com"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2015-06219"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77147"
          },
          {
            "db": "BID",
            "id": "76753"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008132"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9202"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201509-257"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "726d326e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-06219"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77147"
          },
          {
            "db": "BID",
            "id": "76753"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008132"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9202"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201509-257"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-09-25T00:00:00",
            "db": "IVD",
            "id": "726d326e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2015-09-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2015-06219"
          },
          {
            "date": "2015-09-28T00:00:00",
            "db": "VULHUB",
            "id": "VHN-77147"
          },
          {
            "date": "2015-09-15T00:00:00",
            "db": "BID",
            "id": "76753"
          },
          {
            "date": "2015-09-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-008132"
          },
          {
            "date": "2015-09-28T02:59:00.107000",
            "db": "NVD",
            "id": "CVE-2014-9202"
          },
          {
            "date": "2015-09-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201509-257"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-09-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2015-06219"
          },
          {
            "date": "2015-09-29T00:00:00",
            "db": "VULHUB",
            "id": "VHN-77147"
          },
          {
            "date": "2015-09-15T00:00:00",
            "db": "BID",
            "id": "76753"
          },
          {
            "date": "2015-09-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-008132"
          },
          {
            "date": "2015-09-29T19:34:03.657000",
            "db": "NVD",
            "id": "CVE-2014-9202"
          },
          {
            "date": "2015-09-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201509-257"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "BID",
            "id": "76753"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201509-257"
          }
        ],
        "trust": 0.9
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess Heap Buffer Overflow Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "726d326e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-06219"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "726d326e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201509-257"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201909-0221

    Vulnerability from variot - Updated: 2023-12-18 13:02

    Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.1 allows a remote, unauthenticated attacker to execute arbitrary code via a crafted IOCTL 70603 RPC message. Advantech WebAccess/SCADA contains a classic buffer overflow vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer error vulnerability exists in Advantech WebAccess/SCADA version 8.4.1. This vulnerability stems from incorrect verification of data boundaries when the network system or product performs operations on memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201909-0221",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess/scada",
            "scope": "eq",
            "trust": 1.4,
            "vendor": "advantech",
            "version": "8.4.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "8.4.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "8.4.1"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "6779568d-c80f-445b-ba8e-fa61163d09ad"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32466"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009167"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-3975"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:8.4.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-3975"
          }
        ]
      },
      "cve": "CVE-2019-3975",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2019-3975",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-32466",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "6779568d-c80f-445b-ba8e-fa61163d09ad",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-155410",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-3975",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2019-3975",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-32466",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201909-431",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "6779568d-c80f-445b-ba8e-fa61163d09ad",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-155410",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "6779568d-c80f-445b-ba8e-fa61163d09ad"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32466"
          },
          {
            "db": "VULHUB",
            "id": "VHN-155410"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009167"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-3975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-431"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.1 allows a remote, unauthenticated attacker to execute arbitrary code via a crafted IOCTL 70603 RPC message. Advantech WebAccess/SCADA contains a classic buffer overflow vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer error vulnerability exists in Advantech WebAccess/SCADA version 8.4.1. This vulnerability stems from incorrect verification of data boundaries when the network system or product performs operations on memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc.",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-3975"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009167"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32466"
          },
          {
            "db": "IVD",
            "id": "6779568d-c80f-445b-ba8e-fa61163d09ad"
          },
          {
            "db": "VULHUB",
            "id": "VHN-155410"
          }
        ],
        "trust": 2.43
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-3975",
            "trust": 3.3
          },
          {
            "db": "TENABLE",
            "id": "TRA-2019-41",
            "trust": 2.5
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-431",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32466",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009167",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "6779568D-C80F-445B-BA8E-FA61163D09AD",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-155410",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "6779568d-c80f-445b-ba8e-fa61163d09ad"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32466"
          },
          {
            "db": "VULHUB",
            "id": "VHN-155410"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009167"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-3975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-431"
          }
        ]
      },
      "id": "VAR-201909-0221",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "6779568d-c80f-445b-ba8e-fa61163d09ad"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32466"
          },
          {
            "db": "VULHUB",
            "id": "VHN-155410"
          }
        ],
        "trust": 1.44565702
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "6779568d-c80f-445b-ba8e-fa61163d09ad"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32466"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:02:05.117000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "https://www.advantech.co.jp/industrial-automation/webaccess"
          },
          {
            "title": "Patch for Advantech WebAccess/SCADA Buffer Overflow Vulnerability (CNVD-2019-32466)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/181499"
          },
          {
            "title": "Advantech WebAccess/SCADA Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=98025"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-32466"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009167"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-431"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-120",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-155410"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009167"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-3975"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://www.tenable.com/security/research/tra-2019-41"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-3975"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3975"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-32466"
          },
          {
            "db": "VULHUB",
            "id": "VHN-155410"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009167"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-3975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-431"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "6779568d-c80f-445b-ba8e-fa61163d09ad"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-32466"
          },
          {
            "db": "VULHUB",
            "id": "VHN-155410"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009167"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-3975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-431"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-21T00:00:00",
            "db": "IVD",
            "id": "6779568d-c80f-445b-ba8e-fa61163d09ad"
          },
          {
            "date": "2019-09-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-32466"
          },
          {
            "date": "2019-09-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-155410"
          },
          {
            "date": "2019-09-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-009167"
          },
          {
            "date": "2019-09-10T16:15:12.667000",
            "db": "NVD",
            "id": "CVE-2019-3975"
          },
          {
            "date": "2019-09-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-431"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-32466"
          },
          {
            "date": "2019-09-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-155410"
          },
          {
            "date": "2019-09-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-009167"
          },
          {
            "date": "2021-07-21T11:39:23.747000",
            "db": "NVD",
            "id": "CVE-2019-3975"
          },
          {
            "date": "2021-07-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-431"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-431"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess/SCADA Vulnerable to classic buffer overflow",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-009167"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "6779568d-c80f-445b-ba8e-fa61163d09ad"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-431"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201202-0155

    Vulnerability from variot - Updated: 2023-12-18 12:58

    webvrpcs.exe in Advantech/BroadWin WebAccess allows remote attackers to execute arbitrary code or obtain a security-code value via a long string in an RPC request to TCP port 4592. Advantech/BroadWin SCADA WebAccess is fully browser-based Human Machine Interface (HMI) and Supervisory Control and Data Acquisition (SCADA) software. Advantech/BroadWin SCADA WebAccess is prone to multiple remote vulnerabilities, including an information-disclosure issue and a remote code-execution issue. Other attacks may also be possible. Advantech/BroadWin SCADA WebAccess 7.0 is vulnerable; other versions may also be affected. The NVD CVSS v2 vector recorded in the entry below (AV:N/AC:L/Au:N/C:C/I:C/A:C, base score 10.0) indicates the flaw is reachable over the network without authentication, so exposure of TCP port 4592 to untrusted networks is the main risk factor.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201202-0155",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": null,
            "trust": 1.4,
            "vendor": "broadwin",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadwin",
            "version": "*"
          },
          {
            "model": "advantech/broadwin scada webaccess",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "advantech",
            "version": "7.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "27c87c84-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "b1f17dd8-1f9a-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-1203"
          },
          {
            "db": "BID",
            "id": "47008"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-001325"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4041"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201202-105"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:broadwin:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-4041"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Ruben Santamarta",
        "sources": [
          {
            "db": "BID",
            "id": "47008"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2011-4041",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2011-4041",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "27c87c84-2354-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "b1f17dd8-1f9a-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2011-4041",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201202-105",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "27c87c84-2354-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "b1f17dd8-1f9a-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2011-4041",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "27c87c84-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "b1f17dd8-1f9a-11e6-abef-000c29c66e3d"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-4041"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-001325"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4041"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201202-105"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "webvrpcs.exe in Advantech/BroadWin WebAccess allows remote attackers to execute arbitrary code or obtain a security-code value via a long string in an RPC request to TCP port 4592. Advantech/BroadWin SCADA WebAccess is fully browser-based Human Machine Interface (HMI) and Supervisory Control and Data Acquisition (SCADA) software. Advantech/BroadWin SCADA WebAccess is prone to multiple remote vulnerabilities, including an information-disclosure issue and a remote code-execution issue. Other attacks may also be possible. \nAdvantech/BroadWin SCADA WebAccess 7.0 is vulnerable; other versions may also be affected",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-4041"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-001325"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-1203"
          },
          {
            "db": "BID",
            "id": "47008"
          },
          {
            "db": "IVD",
            "id": "27c87c84-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "b1f17dd8-1f9a-11e6-abef-000c29c66e3d"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-4041"
          }
        ],
        "trust": 2.88
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=35495",
            "trust": 0.1,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2011-4041"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-4041",
            "trust": 3.2
          },
          {
            "db": "BID",
            "id": "47008",
            "trust": 2.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-11-094-02A",
            "trust": 2.0
          },
          {
            "db": "ICS CERT ALERT",
            "id": "ICS-ALERT-11-081-01",
            "trust": 1.1
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201202-105",
            "trust": 1.0
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-11-094-02B",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-1203",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-001325",
            "trust": 0.8
          },
          {
            "db": "BUGTRAQ",
            "id": "20110322 SCADA TROJANS: ATTACKING THE GRID + ADVANTECH VULNERABILITIES",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "27C87C84-2354-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "B1F17DD8-1F9A-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "EXPLOIT-DB",
            "id": "35495",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-4041",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "27c87c84-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "b1f17dd8-1f9a-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-1203"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-4041"
          },
          {
            "db": "BID",
            "id": "47008"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-001325"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4041"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201202-105"
          }
        ]
      },
      "id": "VAR-201202-0155",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "27c87c84-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "b1f17dd8-1f9a-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-1203"
          }
        ],
        "trust": 1.5913359200000001
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "27c87c84-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "b1f17dd8-1f9a-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-1203"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:58:21.517000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.broadwin.com/products.htm"
          },
          {
            "title": "Offices Distributors",
            "trust": 0.8,
            "url": "http://www.broadwin.com/offices.htm"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-001325"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-94",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-001325"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4041"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=72\u0026itemid=1"
          },
          {
            "trust": 2.0,
            "url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-094-02a.pdf"
          },
          {
            "trust": 1.8,
            "url": "http://www.securityfocus.com/bid/47008"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/archive/1/517117"
          },
          {
            "trust": 1.7,
            "url": "http://www.reversemode.com/downloads/exploit_advantech.zip"
          },
          {
            "trust": 1.7,
            "url": "http://www.reversemode.com/downloads/scada_trojans_ruben_rootedcon.pdf"
          },
          {
            "trust": 1.1,
            "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-081-01.pdf"
          },
          {
            "trust": 0.9,
            "url": "http://ics-cert.us-cert.gov/advisories/icsa-11-094-02b"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4041"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4041"
          },
          {
            "trust": 0.3,
            "url": "http://webaccess.advantech.com/product.php"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/517117"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/94.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://www.exploit-db.com/exploits/35495/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-1203"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-4041"
          },
          {
            "db": "BID",
            "id": "47008"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-001325"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4041"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201202-105"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "27c87c84-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "b1f17dd8-1f9a-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-1203"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-4041"
          },
          {
            "db": "BID",
            "id": "47008"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-001325"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4041"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201202-105"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-02-07T00:00:00",
            "db": "IVD",
            "id": "27c87c84-2354-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2011-03-24T00:00:00",
            "db": "IVD",
            "id": "b1f17dd8-1f9a-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2011-03-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-1203"
          },
          {
            "date": "2012-02-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2011-4041"
          },
          {
            "date": "2011-03-23T00:00:00",
            "db": "BID",
            "id": "47008"
          },
          {
            "date": "2012-02-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-001325"
          },
          {
            "date": "2012-02-06T20:55:02.267000",
            "db": "NVD",
            "id": "CVE-2011-4041"
          },
          {
            "date": "2012-02-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201202-105"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-03-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-1203"
          },
          {
            "date": "2012-12-11T00:00:00",
            "db": "VULMON",
            "id": "CVE-2011-4041"
          },
          {
            "date": "2014-01-09T02:01:00",
            "db": "BID",
            "id": "47008"
          },
          {
            "date": "2012-02-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-001325"
          },
          {
            "date": "2012-12-11T04:27:10.967000",
            "db": "NVD",
            "id": "CVE-2011-4041"
          },
          {
            "date": "2012-02-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201202-105"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201202-105"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech/BroadWin WebAccess of  webvrpcs.exe Vulnerable to arbitrary code execution",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-001325"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Code injection",
        "sources": [
          {
            "db": "IVD",
            "id": "27c87c84-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "b1f17dd8-1f9a-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201202-105"
          }
        ],
        "trust": 1.0
      }
    }

    VAR-201702-0673

    Vulnerability from variot - Updated: 2023-12-18 12:57

    An issue was discovered in Advantech WebAccess Version 8.1. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access pages without restriction (AUTHENTICATION BYPASS). This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability, but can be easily bypassed. The specific flaw exists within updateTemplate.aspx. The vulnerability is caused by a lack of input validation before using a remotely supplied string to construct SQL queries. An attacker can use this vulnerability to disclose passwords of administrative accounts used by Advantech WebAccess. Advantech WebAccess (formerly known as BroadWin WebAccess) is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A security bypass vulnerability exists in Advantech WebAccess version 8.1. An attacker could exploit the vulnerability to bypass certain security restrictions and perform unauthorized operations. Advantech WebAccess is prone to an SQL-injection vulnerability and an authentication-bypass vulnerability. WebAccess 8.1 is vulnerable; other versions may also be affected.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201702-0673",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "webaccess",
            "scope": null,
            "trust": 0.7,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "8.1"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "ec77c86b-3355-445c-a5a5-7138437a8d7a"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00552"
          },
          {
            "db": "BID",
            "id": "95410"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001615"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5152"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201701-327"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:8.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-5152"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tenable Network Security",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "db": "BID",
            "id": "95410"
          }
        ],
        "trust": 1.0
      },
      "cve": "CVE-2017-5152",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.4,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2017-5152",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "ZDI",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2017-5152",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "MEDIUM",
                "trust": 0.7,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2017-00552",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "ec77c86b-3355-445c-a5a5-7138437a8d7a",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-113355",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 9.1,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-5152",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-5152",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "ZDI",
                "id": "CVE-2017-5152",
                "trust": 0.7,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-00552",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201701-327",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "ec77c86b-3355-445c-a5a5-7138437a8d7a",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-113355",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "ec77c86b-3355-445c-a5a5-7138437a8d7a"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00552"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113355"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001615"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5152"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201701-327"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered in Advantech WebAccess Version 8.1. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access pages unrestricted (AUTHENTICATION BYPASS). This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability, but can be easily bypassed.The specific flaw exists within updateTemplate.aspx. The vulnerability is caused by lack of input validation before using a remotely supplied string to construct SQL queries. An attacker can use this vulnerability to disclose passwords of administrative accounts used by Advantech WebAccess. Advantech WebAccess (formerly known as BroadWinWebAccess) is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A security bypass vulnerability exists in Advantech WebAccess version 8.1. An attacker could exploit the vulnerability to bypass certain security restrictions and perform unauthorized operations. Advantech WebAccess is prone to an SQL-injection vulnerability and an authentication-bypass vulnerability. \nWebAccess 8.1 is vulnerable; other versions may also be affected",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-5152"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001615"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00552"
          },
          {
            "db": "BID",
            "id": "95410"
          },
          {
            "db": "IVD",
            "id": "ec77c86b-3355-445c-a5a5-7138437a8d7a"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113355"
          }
        ],
        "trust": 3.33
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-5152",
            "trust": 4.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-012-01",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "95410",
            "trust": 2.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-043",
            "trust": 1.6
          },
          {
            "db": "TENABLE",
            "id": "TRA-2017-04",
            "trust": 1.1
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201701-327",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00552",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001615",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-3679",
            "trust": 0.7
          },
          {
            "db": "IVD",
            "id": "EC77C86B-3355-445C-A5A5-7138437A8D7A",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-113355",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "ec77c86b-3355-445c-a5a5-7138437a8d7a"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00552"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113355"
          },
          {
            "db": "BID",
            "id": "95410"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001615"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5152"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201701-327"
          }
        ]
      },
      "id": "VAR-201702-0673",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "ec77c86b-3355-445c-a5a5-7138437a8d7a"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00552"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113355"
          }
        ],
        "trust": 1.33267184
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "ec77c86b-3355-445c-a5a5-7138437a8d7a"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00552"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:57:29.543000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "http://www.advantech.com/industrial-automation/webaccess"
          },
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-012-01"
          },
          {
            "title": "Advantech WebAccess Security Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/88105"
          },
          {
            "title": "Advantech WebAccess Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=66986"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00552"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001615"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201701-327"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-113355"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001615"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5152"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-012-01"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/bid/95410"
          },
          {
            "trust": 1.1,
            "url": "https://www.tenable.com/security/research/tra-2017-04"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5152"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5152"
          },
          {
            "trust": 0.6,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-17-043/"
          },
          {
            "trust": 0.3,
            "url": "http://webaccess.advantech.com"
          },
          {
            "trust": 0.3,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-17-043/ "
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-012-01 "
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00552"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113355"
          },
          {
            "db": "BID",
            "id": "95410"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001615"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5152"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201701-327"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "ec77c86b-3355-445c-a5a5-7138437a8d7a"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00552"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113355"
          },
          {
            "db": "BID",
            "id": "95410"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001615"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5152"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201701-327"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-01-18T00:00:00",
            "db": "IVD",
            "id": "ec77c86b-3355-445c-a5a5-7138437a8d7a"
          },
          {
            "date": "2017-01-12T00:00:00",
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "date": "2017-01-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-00552"
          },
          {
            "date": "2017-02-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-113355"
          },
          {
            "date": "2017-01-12T00:00:00",
            "db": "BID",
            "id": "95410"
          },
          {
            "date": "2017-03-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-001615"
          },
          {
            "date": "2017-02-13T21:59:02.643000",
            "db": "NVD",
            "id": "CVE-2017-5152"
          },
          {
            "date": "2017-01-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201701-327"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-01-12T00:00:00",
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "date": "2017-01-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-00552"
          },
          {
            "date": "2017-11-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-113355"
          },
          {
            "date": "2017-01-23T04:05:00",
            "db": "BID",
            "id": "95410"
          },
          {
            "date": "2017-03-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-001615"
          },
          {
            "date": "2017-11-03T01:29:07.687000",
            "db": "NVD",
            "id": "CVE-2017-5152"
          },
          {
            "date": "2017-01-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201701-327"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201701-327"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess Security Bypass Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "ec77c86b-3355-445c-a5a5-7138437a8d7a"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00552"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201701-327"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201702-0675

    Vulnerability from variot - Updated: 2023-12-18 12:57

    An issue was discovered in Advantech WebAccess Version 8.1. To be able to exploit the SQL injection vulnerability, an attacker must supply malformed input to the WebAccess software. A successful attack could result in administrative access to the application and its data files. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability, but it can be easily bypassed. The specific flaw exists within updateTemplate.aspx. The vulnerability is caused by a lack of input validation before using a remotely supplied string to construct SQL queries. An attacker can use this vulnerability to disclose passwords of administrative accounts used by Advantech WebAccess. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A SQL injection vulnerability exists in Advantech WebAccess version 8.1. Advantech WebAccess is prone to an SQL-injection vulnerability and an authentication-bypass vulnerability. An attacker can exploit these issues to bypass certain security restrictions, perform unauthorized actions, modify the logic of SQL queries, compromise the software, retrieve information, or modify data; other consequences are possible as well. WebAccess 8.1 is vulnerable; other versions may also be affected.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201702-0675",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "webaccess",
            "scope": null,
            "trust": 0.7,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "8.1"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "f6a19415-1129-4719-ad81-c1d464552563"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00553"
          },
          {
            "db": "BID",
            "id": "95410"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001616"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5154"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201701-328"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:8.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-5154"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tenable Network Security",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "db": "BID",
            "id": "95410"
          }
        ],
        "trust": 1.0
      },
      "cve": "CVE-2017-5154",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2017-5154",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "ZDI",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2017-5154",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "MEDIUM",
                "trust": 0.7,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.8,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-00553",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.8,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "f6a19415-1129-4719-ad81-c1d464552563",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-113357",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-5154",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-5154",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "ZDI",
                "id": "CVE-2017-5154",
                "trust": 0.7,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-00553",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201701-328",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "f6a19415-1129-4719-ad81-c1d464552563",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-113357",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "f6a19415-1129-4719-ad81-c1d464552563"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00553"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113357"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001616"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5154"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201701-328"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered in Advantech WebAccess Version 8.1. To be able to exploit the SQL injection vulnerability, an attacker must supply malformed input to the WebAccess software. Successful attack could result in administrative access to the application and its data files. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability, but can be easily bypassed. The specific flaw exists within updateTemplate.aspx. The vulnerability is caused by lack of input validation before using a remotely supplied string to construct SQL queries. An attacker can use this vulnerability to disclose passwords of administrative accounts used by Advantech WebAccess. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A SQL injection vulnerability exists in Advantech WebAccess version 8.1. Advantech WebAccess is prone to an SQL-injection vulnerability and an authentication-bypass vulnerability. \nAn attacker can exploit these issues to bypass certain security restrictions, perform unauthorized actions, modify the logic of SQL queries, compromise the software, retrieve information, or modify data; other consequences are possible as well. \nWebAccess 8.1 is vulnerable; other versions may also be affected",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-5154"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001616"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00553"
          },
          {
            "db": "BID",
            "id": "95410"
          },
          {
            "db": "IVD",
            "id": "f6a19415-1129-4719-ad81-c1d464552563"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113357"
          }
        ],
        "trust": 3.33
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-5154",
            "trust": 4.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-012-01",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "95410",
            "trust": 2.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-043",
            "trust": 1.6
          },
          {
            "db": "TENABLE",
            "id": "TRA-2017-04",
            "trust": 1.1
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201701-328",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00553",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001616",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-3679",
            "trust": 0.7
          },
          {
            "db": "IVD",
            "id": "F6A19415-1129-4719-AD81-C1D464552563",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-113357",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "f6a19415-1129-4719-ad81-c1d464552563"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00553"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113357"
          },
          {
            "db": "BID",
            "id": "95410"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001616"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5154"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201701-328"
          }
        ]
      },
      "id": "VAR-201702-0675",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "f6a19415-1129-4719-ad81-c1d464552563"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00553"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113357"
          }
        ],
        "trust": 1.33267184
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "f6a19415-1129-4719-ad81-c1d464552563"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00553"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:57:29.500000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "http://www.advantech.com/industrial-automation/webaccess"
          },
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-012-01"
          },
          {
            "title": "Advantech WebAccess \u0027updateTemplate.aspx\u0027 SQL Injection Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/88106"
          },
          {
            "title": "Advantech WebAccess SQL Repair measures for injecting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=66985"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00553"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001616"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201701-328"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-89",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-113357"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001616"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5154"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-012-01"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/bid/95410"
          },
          {
            "trust": 1.1,
            "url": "https://www.tenable.com/security/research/tra-2017-04"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5154"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5154"
          },
          {
            "trust": 0.6,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-17-043/"
          },
          {
            "trust": 0.3,
            "url": "http://webaccess.advantech.com"
          },
          {
            "trust": 0.3,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-17-043/ "
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-012-01 "
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00553"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113357"
          },
          {
            "db": "BID",
            "id": "95410"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001616"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5154"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201701-328"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "f6a19415-1129-4719-ad81-c1d464552563"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-00553"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113357"
          },
          {
            "db": "BID",
            "id": "95410"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001616"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5154"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201701-328"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-01-18T00:00:00",
            "db": "IVD",
            "id": "f6a19415-1129-4719-ad81-c1d464552563"
          },
          {
            "date": "2017-01-12T00:00:00",
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "date": "2017-01-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-00553"
          },
          {
            "date": "2017-02-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-113357"
          },
          {
            "date": "2017-01-12T00:00:00",
            "db": "BID",
            "id": "95410"
          },
          {
            "date": "2017-03-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-001616"
          },
          {
            "date": "2017-02-13T21:59:02.707000",
            "db": "NVD",
            "id": "CVE-2017-5154"
          },
          {
            "date": "2017-01-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201701-328"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-01-12T00:00:00",
            "db": "ZDI",
            "id": "ZDI-17-043"
          },
          {
            "date": "2017-01-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-00553"
          },
          {
            "date": "2017-11-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-113357"
          },
          {
            "date": "2017-01-23T04:05:00",
            "db": "BID",
            "id": "95410"
          },
          {
            "date": "2017-03-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-001616"
          },
          {
            "date": "2017-11-03T01:29:07.733000",
            "db": "NVD",
            "id": "CVE-2017-5154"
          },
          {
            "date": "2017-01-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201701-328"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201701-328"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess In  SQL Injection vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-001616"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "SQL injection",
        "sources": [
          {
            "db": "IVD",
            "id": "f6a19415-1129-4719-ad81-c1d464552563"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201701-328"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201411-0359

    Vulnerability from variot - Updated: 2023-12-18 12:51

    Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document. Advantech WebAccess is HMI/SCADA software. A stack buffer overflow vulnerability exists in Advantech WebAccess because the application fails to check the length of user-supplied data before copying it to a stack buffer. An attacker could exploit this vulnerability to execute arbitrary code in the context of the application that hosts the affected ActiveX control (usually Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions. Advantech WebAccess 7.2 is vulnerable; other versions may also be affected. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/

    Advantech WebAccess Stack-based Buffer Overflow

    1. Advisory Information

    Title: Advantech WebAccess Stack-based Buffer Overflow Advisory ID: CORE-2014-0010 Advisory URL: http://www.coresecurity.com/advisories/advantech-webAccess-stack-based-buffer-overflow Date published: 2014-11-19 Date of last update: 2014-11-19 Vendors contacted: Advantech Release mode: Coordinated release

    1. Vulnerability Description

      Advantech WebAccess [1] is a browser-based software package for human-machine interfaces (HMI) and supervisory control and data acquisition (SCADA).

    2. WebAccess 7.2 .

    3. Vendor Information, Solutions and Workarounds

      Given that this is a client-side vulnerability, affected users should avoid opening untrusted '.html' files. Core Security also recommends those affected use third party software such as Sentinel [3] or EMET [2] that could help to prevent the exploitation of affected systems to some extent.

      Additionally, the vendor released WebAccess v8 [4], which no longer ships the vulnerable file 'webeye.ocx'; however, when an existing installation is upgraded, the vulnerable OCX file is not deleted and the upgraded system remains vulnerable, therefore we do not consider this a correct fix.

    4. Credits

      This vulnerability was discovered and researched by Ricardo Narvaja from Core Security Consulting Services. The publication of this advisory was coordinated by Joaquín Rodríguez Varela from Core Advisories Team.

    5. This is caused because the application copies to the stack the string without checking its length.

    /-----

    document.vdoactx.Connect(ip_address, port_no);

    -----/

    /-----

    0001C2AA 8B11 MOV EDX,DWORD PTR DS:[ECX] 0001C2AC 8A45 08 MOV AL,BYTE PTR SS:[EBP+8] 0001C2AF 8802 MOV BYTE PTR DS:[EDX],AL 0001C2B1 FF01 INC DWORD PTR DS:[ECX] 0001C2B3 0FB6C0 MOVZX EAX,AL 0001C2B6 EB 0B JMP SHORT 0001C2C3

    -----/

    1. Report Timeline

    2014-10-01:

      Initial notification sent to ICS-CERT informing of the vulnerability and requesting the vendor's contact information.

    2014-10-01:

      ICS-CERT informs that they will ask the vendor if they want to coordinate directly with us or if they prefer to have ICS-CERT mediate. They request the vulnerability report.

    2014-10-01:

      ICS-CERT informs that the vendor answered that they would like the ICS-CERT to mediate the coordination of the advisory. They requested again the vulnerability report.

    2014-10-01:

      We send the vulnerability detail, including technical description and a PoC.

    2014-10-09:

      We request a status update on the reported vulnerability.

    2014-10-20:

      ICS-CERT informs that the vendor has patched WebAccess in version 8.0 and published it. This was done without informing us in order to make a coordinated release. The ICS-CERT asks if we can test the fix.

    2014-10-21:

      We clearly state how we disagree with the uncoordinated published fix. We began testing the fix.

    2014-10-21:

      We inform them that the "webeye.ocx" file (version 1.0.1.35) is still present in the new version.

    2014-10-27:

      ICS-CERT informs us that the vendor has removed the vulnerable OCX file from the new version but it doesn't remove it from previous installations, making the new version still vulnerable.

    2014-11-13:

      We inform them that we will publish this advisory as user release on Wednesday 19th of November.

    2014-11-19:

      Advisory CORE-2014-0010 published.

    2. References

    [1] http://webaccess.advantech.com/. [2] http://support.microsoft.com/kb/2458544. [3] https://github.com/CoreSecurity/sentinel. [4] http://webaccess.advantech.com/webaccess_download.php?lang=eng.

    1. About CoreLabs

      CoreLabs, the research center of Core Security, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://corelabs.coresecurity.com.

    2. About Core Security

      Core Security enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and demonstrate real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations.

      Core Security's software solutions build on over a decade of trusted research and leading-edge threat expertise from the company's Security Consulting Services, CoreLabs and Engineering groups. Core Security can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com.

    3. Disclaimer

      The contents of this advisory are copyright (c) 2014 Core Security and (c) 2014 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/

    4. PGP/GPG Keys

      This advisory has been signed with the GPG key of Core Security advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201411-0359",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "advantech",
            "version": "7.2"
          },
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "7.2"
          },
          {
            "model": "webaccess",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "advantech",
            "version": "8.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-08420"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005588"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-8388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-391"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "7.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-8388"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Ricardo Narvaja from Core Security Consulting Services",
        "sources": [
          {
            "db": "BID",
            "id": "71193"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2014-8388",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 7.2,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2014-8388",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2014-08420",
                "impactScore": 8.5,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "b5ed655e-2351-11e6-abef-000c29c66e3d",
                "impactScore": 8.5,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-76333",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2014-8388",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-08420",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201411-391",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "b5ed655e-2351-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-76333",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-08420"
          },
          {
            "db": "VULHUB",
            "id": "VHN-76333"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005588"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-8388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-391"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. A stack buffer overflow vulnerability exists in Advantech WebAccess because the application failed to properly check the user-supplied data before copying it to a full-size buffer. An attacker could exploit this vulnerability to execute arbitrary code in the context of an application (usually Internet Explorer) that is affected by an ActiveX control. Failed exploit attempts will likely result in denial-of-service conditions. \nAdvantech WebAccess 7.2 is vulnerable; other versions may also be affected. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. Core Security - Corelabs Advisory\nhttp://corelabs.coresecurity.com/\n\nAdvantech WebAccess Stack-based Buffer Overflow\n\n\n1. *Advisory Information*\n\nTitle: Advantech WebAccess Stack-based Buffer Overflow\nAdvisory ID: CORE-2014-0010\nAdvisory URL:\nhttp://www.coresecurity.com/advisories/advantech-webAccess-stack-based-buffer-overflow\nDate published: 2014-11-19\nDate of last update: 2014-11-19\nVendors contacted: Advantech\nRelease mode: Coordinated release\n\n\n2. *Vulnerability Description*\n\n    Advantech WebAccess [1] is a browser-based software package for\nhuman-machine interfaces HMI, and supervisory control and data\nacquisition SCADA. \n    \n\n4. WebAccess 7.2\n    . \n\n\n5. *Vendor Information, Solutions and Workarounds*\n\n    Given that this is a client-side vulnerability, affected users\nshould avoid opening untrusted \u0027.html\u0027 files. Core Security also\nrecommends those affected use third party software such as Sentinel [3]\nor EMET [2] that could help to prevent the exploitation of affected\nsystems to some extent. 
\n      \n    Additionally the vendor released WebAccess v8 [4] where it has\ndeleted the vulnerable file \u0027webeye.ocx\u0027 but if version upgrade is being\nperformed, the vulnerable ocx file is not deleted at all, therefore we\ndo not consider this a correct fix. \n      \n\n6. *Credits*\n\n    This vulnerability was discovered and researched by Ricardo Narvaja\nfrom Core Security Consulting Services. The publication of this advisory\nwas coordinated by Joaqu\\xedn Rodr\\xedguez Varela from Core Advisories Team. \n\n\n7. This is caused because the\napplication copies to the stack the string without checking its length. \n    \n\n/-----\n \ndocument.vdoactx.Connect(ip_address, port_no);\n\n-----/\n\n\n/-----\n \n0001C2AA    8B11            MOV EDX,DWORD PTR DS:[ECX]\n0001C2AC    8A45 08         MOV AL,BYTE PTR SS:[EBP+8]\n0001C2AF    8802            MOV BYTE PTR DS:[EDX],AL\n0001C2B1    FF01            INC DWORD PTR DS:[ECX]\n0001C2B3    0FB6C0          MOVZX EAX,AL\n0001C2B6    EB 0B           JMP SHORT 0001C2C3\n\n-----/\n\n\n8. *Report Timeline*\n. 2014-10-01:\n\n    Initial notification sent to ICS-CERT informing of the vulnerability\nand requesting the vendor\u0027s contact information. 2014-10-01:\n\n    ICS-CERT informs that they will ask the vendor if they want to\ncoordinate directly with us or if they prefer to have ICS-CERT mediate. \nThey request the vulnerability report. 2014-10-01:\n\n    ICS-CERT informs that the vendor answered that they would like the\nICS-CERT to mediate the coordination of the advisory. They requested\nagain the vulnerability report. 2014-10-01:\n\n    We send the vulnerability detail, including technical description\nand a PoC. 2014-10-09:\n\n    We request a status update on the reported vulnerability. 2014-10-20:\n\n    ICS-CERT informs that the vendor has patched WebAccess in version\n8.0 and published it. This was done without informing us in order to\nmake a coordianted release. 
The ICS-CERT asks if we can test the fix. 2014-10-21:\n\n    We clearly state how we disagree with the uncoordinated published\nfix. We began testing the fix. 2014-10-21:\n\n    We inform them that the \"webeye.ocx\" file (version 1.0.1.35) is\nstill present in the new version. 2014-10-27:\n\n    ICS-CERT informs us that the vendor has removed the vulnerable OCX\nfile from the new version but it doesn\u0027t remove it from previous\ninstallations, making the new version still vulnerable. 2014-11-13:\n\n    We inform them that we will publish this advisory as user release on\nWednesday 19th of November. 2014-11-19:\n\n    Advisory CORE-2014-0010 published. \n   \n\n9. *References*\n\n[1] http://webaccess.advantech.com/. \n[2] http://support.microsoft.com/kb/2458544. \n[3] https://github.com/CoreSecurity/sentinel. \n[4] http://webaccess.advantech.com/webaccess_download.php?lang=eng. \n\n\n10. *About CoreLabs*\n\n    CoreLabs, the research center of Core Security, is charged with\nanticipating the future needs and requirements for information security\ntechnologies. We conduct our research in several important areas of\ncomputer security\nincluding system vulnerabilities, cyber attack planning and simulation,\nsource code auditing, and cryptography. Our results include problem\nformalization, identification of vulnerabilities, novel solutions and\nprototypes for new technologies. CoreLabs regularly publishes security\nadvisories, technical papers, project information and shared software\ntools for public use at: http://corelabs.coresecurity.com. \n    \n\n11. *About Core Security*\n\n    Core Security enables organizations to get ahead of threats with\nsecurity test and measurement solutions that continuously identify and\ndemonstrate real-world exposures to their most critical assets. Our\ncustomers can gain real visibility into their security standing, real\nvalidation of their security controls, and real metrics to more\neffectively secure their organizations. 
\n    \n    Core Security\u0027s software solutions build on over a decade of trusted\nresearch and leading-edge threat expertise from the company\u0027s Security\nConsulting Services, CoreLabs and Engineering groups. Core Security can\nbe reached at +1 (617) 399-6980 or on the Web at:\nhttp://www.coresecurity.com. \n    \n\n12. *Disclaimer*\n\n    The contents of this advisory are copyright (c) 2014 Core Security\nand (c) 2014 CoreLabs,\nand are licensed under a Creative Commons Attribution Non-Commercial\nShare-Alike 3.0 (United States) License:\nhttp://creativecommons.org/licenses/by-nc-sa/3.0/us/\n\n\n13. *PGP/GPG Keys*\n\n    This advisory has been signed with the GPG key of Core Security\nadvisories team, which is available for download at\nhttp://www.coresecurity.com/files/attachments/core_security_advisories.asc",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-8388"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005588"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-08420"
          },
          {
            "db": "BID",
            "id": "71193"
          },
          {
            "db": "IVD",
            "id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "VULHUB",
            "id": "VHN-76333"
          },
          {
            "db": "PACKETSTORM",
            "id": "129186"
          }
        ],
        "trust": 2.79
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-76333",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-76333"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-8388",
            "trust": 3.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-14-324-01",
            "trust": 2.5
          },
          {
            "db": "BID",
            "id": "71193",
            "trust": 1.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-391",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-08420",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005588",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "B5ED655E-2351-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "129186",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-76333",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-08420"
          },
          {
            "db": "VULHUB",
            "id": "VHN-76333"
          },
          {
            "db": "BID",
            "id": "71193"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005588"
          },
          {
            "db": "PACKETSTORM",
            "id": "129186"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-8388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-391"
          }
        ]
      },
      "id": "VAR-201411-0359",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-08420"
          },
          {
            "db": "VULHUB",
            "id": "VHN-76333"
          }
        ],
        "trust": 1.33267184
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-08420"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:51:49.283000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://webaccess.advantech.com/"
          },
          {
            "title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/52041"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08420"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005588"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-76333"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005588"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-8388"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-324-01"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8388"
          },
          {
            "trust": 0.8,
            "url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8388"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/71193"
          },
          {
            "trust": 0.3,
            "url": "http://support.microsoft.com/kb/240797"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/coresecurity/sentinel."
          },
          {
            "trust": 0.1,
            "url": "http://webaccess.advantech.com/webaccess_download.php?lang=eng."
          },
          {
            "trust": 0.1,
            "url": "http://corelabs.coresecurity.com."
          },
          {
            "trust": 0.1,
            "url": "http://www.coresecurity.com/files/attachments/core_security_advisories.asc."
          },
          {
            "trust": 0.1,
            "url": "http://corelabs.coresecurity.com/"
          },
          {
            "trust": 0.1,
            "url": "http://webaccess.advantech.com/."
          },
          {
            "trust": 0.1,
            "url": "http://www.coresecurity.com."
          },
          {
            "trust": 0.1,
            "url": "http://support.microsoft.com/kb/2458544."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8388"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-nc-sa/3.0/us/"
          },
          {
            "trust": 0.1,
            "url": "http://www.coresecurity.com/advisories/advantech-webaccess-stack-based-buffer-overflow"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08420"
          },
          {
            "db": "VULHUB",
            "id": "VHN-76333"
          },
          {
            "db": "BID",
            "id": "71193"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005588"
          },
          {
            "db": "PACKETSTORM",
            "id": "129186"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-8388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-391"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-08420"
          },
          {
            "db": "VULHUB",
            "id": "VHN-76333"
          },
          {
            "db": "BID",
            "id": "71193"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005588"
          },
          {
            "db": "PACKETSTORM",
            "id": "129186"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-8388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-391"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-11-21T00:00:00",
            "db": "IVD",
            "id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2014-11-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-08420"
          },
          {
            "date": "2014-11-21T00:00:00",
            "db": "VULHUB",
            "id": "VHN-76333"
          },
          {
            "date": "2014-11-19T00:00:00",
            "db": "BID",
            "id": "71193"
          },
          {
            "date": "2014-11-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-005588"
          },
          {
            "date": "2014-11-20T16:34:36",
            "db": "PACKETSTORM",
            "id": "129186"
          },
          {
            "date": "2014-11-21T02:59:07.270000",
            "db": "NVD",
            "id": "CVE-2014-8388"
          },
          {
            "date": "2014-11-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201411-391"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-11-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-08420"
          },
          {
            "date": "2014-11-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-76333"
          },
          {
            "date": "2015-07-15T00:14:00",
            "db": "BID",
            "id": "71193"
          },
          {
            "date": "2014-11-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-005588"
          },
          {
            "date": "2014-11-24T14:09:54.730000",
            "db": "NVD",
            "id": "CVE-2014-8388"
          },
          {
            "date": "2014-11-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201411-391"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-391"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess Stack Buffer Overflow Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-08420"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201411-391"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201711-0754

    Vulnerability from variot - Updated: 2023-12-18 12:51

    An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A remote attacker is able to execute code to dereference a pointer within the program causing the application to become unavailable. Advantech WebAccess contains a vulnerability related to NULL pointer dereference. The service may be put into an interrupted (DoS) state. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2723 IOCTL in the webvrpcs process. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will result in a denial-of-service condition. Versions prior to Advantech WebAccess 8.2_20170817 are vulnerable. Note: this description merges text from several sources that rate the impact differently. In the record below, the NVD CVSS vectors list an availability-only impact (C:N/I:N/A:P and C:N/I:N/A:H), while the ZDI-attributed vector (C:P/I:P/A:P) and text describe code execution, so check the per-source scores before prioritising.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201711-0754",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": "lt",
            "trust": 1.8,
            "vendor": "advantech",
            "version": "8.2_20170817"
          },
          {
            "model": "webaccess",
            "scope": null,
            "trust": 1.4,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "advantech",
            "version": "7.2"
          },
          {
            "model": "webaccess \u003cv8.2 20170817",
            "scope": null,
            "trust": 0.6,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.0"
          },
          {
            "model": "webaccess 8.2 20170330",
            "scope": null,
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.2"
          },
          {
            "model": "webaccess 8.1 20160519",
            "scope": null,
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess 8.0 20150816",
            "scope": null,
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8"
          },
          {
            "model": "webaccess 8.2 20170817",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-939"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-940"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32564"
          },
          {
            "db": "BID",
            "id": "101685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009931"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-12719"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201711-170"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.2_20170817",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-12719"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Steven Seeley (mr_me) of Offensive Security",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-939"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-940"
          }
        ],
        "trust": 1.4
      },
      "cve": "CVE-2017-12719",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-12719",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "MEDIUM",
                "trust": 1.4,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.0,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2017-12719",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-32564",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-103269",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2017-12719",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-12719",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "ZDI",
                "id": "CVE-2017-12719",
                "trust": 1.4,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-32564",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201711-170",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-103269",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-939"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-940"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32564"
          },
          {
            "db": "VULHUB",
            "id": "VHN-103269"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009931"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-12719"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201711-170"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A remote attacker is able to execute code to dereference a pointer within the program causing the application to become unavailable. Advantech WebAccess Is NULL A vulnerability related to pointer dereference exists.Service operation interruption (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2723 IOCTL in the webvrpcs process.  An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will result in a denial-of-service condition. \nVersions prior to Advantech WebAccess 8.2_20170817 are vulnerable",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-12719"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009931"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-939"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-940"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32564"
          },
          {
            "db": "BID",
            "id": "101685"
          },
          {
            "db": "IVD",
            "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
          },
          {
            "db": "VULHUB",
            "id": "VHN-103269"
          }
        ],
        "trust": 3.96
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-12719",
            "trust": 5.0
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-306-02",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "101685",
            "trust": 2.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201711-170",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32564",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009931",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-4950",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-939",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-4951",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-940",
            "trust": 0.7
          },
          {
            "db": "IVD",
            "id": "324AEB72-83A5-4EC9-8BFB-77E3DF73ED3A",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-103269",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-939"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-940"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32564"
          },
          {
            "db": "VULHUB",
            "id": "VHN-103269"
          },
          {
            "db": "BID",
            "id": "101685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009931"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-12719"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201711-170"
          }
        ]
      },
      "id": "VAR-201711-0754",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32564"
          },
          {
            "db": "VULHUB",
            "id": "VHN-103269"
          }
        ],
        "trust": 1.582453675
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32564"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:51:01.834000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 1.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-306-02"
          },
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "http://www.advantech.com/industrial-automation/webaccess"
          },
          {
            "title": "Advantech WebAccess Pointer Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/105314"
          },
          {
            "title": "Advantech WebAccess Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=76156"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-939"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-940"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32564"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009931"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201711-170"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-476",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-103269"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009931"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-12719"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 4.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-306-02"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/101685"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12719"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12719"
          },
          {
            "trust": 0.3,
            "url": "http://webaccess.advantech.com"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-939"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-940"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32564"
          },
          {
            "db": "VULHUB",
            "id": "VHN-103269"
          },
          {
            "db": "BID",
            "id": "101685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009931"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-12719"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201711-170"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-939"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-940"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32564"
          },
          {
            "db": "VULHUB",
            "id": "VHN-103269"
          },
          {
            "db": "BID",
            "id": "101685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009931"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-12719"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201711-170"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-03T00:00:00",
            "db": "IVD",
            "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
          },
          {
            "date": "2017-12-06T00:00:00",
            "db": "ZDI",
            "id": "ZDI-17-939"
          },
          {
            "date": "2017-12-06T00:00:00",
            "db": "ZDI",
            "id": "ZDI-17-940"
          },
          {
            "date": "2017-11-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-32564"
          },
          {
            "date": "2017-11-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-103269"
          },
          {
            "date": "2017-11-02T00:00:00",
            "db": "BID",
            "id": "101685"
          },
          {
            "date": "2017-11-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009931"
          },
          {
            "date": "2017-11-06T22:29:00.193000",
            "db": "NVD",
            "id": "CVE-2017-12719"
          },
          {
            "date": "2017-11-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201711-170"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-12-06T00:00:00",
            "db": "ZDI",
            "id": "ZDI-17-939"
          },
          {
            "date": "2017-12-06T00:00:00",
            "db": "ZDI",
            "id": "ZDI-17-940"
          },
          {
            "date": "2017-11-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-32564"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-103269"
          },
          {
            "date": "2017-12-19T22:36:00",
            "db": "BID",
            "id": "101685"
          },
          {
            "date": "2017-12-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009931"
          },
          {
            "date": "2019-10-09T23:23:12.387000",
            "db": "NVD",
            "id": "CVE-2017-12719"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201711-170"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201711-170"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess webvrpcs drawsrv Untrusted Pointer Dereference Remote Code Execution Vulnerability",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-939"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-940"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Code problem",
        "sources": [
          {
            "db": "IVD",
            "id": "324aeb72-83a5-4ec9-8bfb-77e3df73ed3a"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201711-170"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201711-0409

    Vulnerability from variot - Updated: 2023-12-18 12:51

    A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. The application lacks proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the context of the process. Advantech WebAccess contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within implementation of the 0x138bd IOCTL in the webvrpcs process. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will result in a denial-of-service condition. Versions prior to Advantech WebAccess 8.2_20170817 are vulnerable


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201711-0409",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": "lt",
            "trust": 1.8,
            "vendor": "advantech",
            "version": "8.2_20170817"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "advantech",
            "version": "7.2"
          },
          {
            "model": "webaccess",
            "scope": null,
            "trust": 0.7,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess \u003cv8.2 20170817",
            "scope": null,
            "trust": 0.6,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.0"
          },
          {
            "model": "webaccess 8.2 20170330",
            "scope": null,
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8.2"
          },
          {
            "model": "webaccess 8.1 20160519",
            "scope": null,
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess 8.0 20150816",
            "scope": null,
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "advantech",
            "version": "8"
          },
          {
            "model": "webaccess 8.2 20170817",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-938"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32562"
          },
          {
            "db": "BID",
            "id": "101685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009932"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1259"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.2_20170817",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-14016"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Steven Seeley (mr_me) of Offensive Security",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-938"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2017-14016",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2017-14016",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 1.5,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-32562",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-104696",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "LOW",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "impactScore": 3.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "Low",
                "baseScore": 6.3,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2017-14016",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-14016",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "ZDI",
                "id": "CVE-2017-14016",
                "trust": 0.7,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-32562",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201708-1259",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-104696",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-938"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32562"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104696"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009932"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1259"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. The application lacks proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the context of the process. Advantech WebAccess Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within implementation of the 0x138bd IOCTL in the webvrpcs process.  An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will result in a denial-of-service condition. \nVersions prior to Advantech WebAccess 8.2_20170817 are vulnerable",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-14016"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009932"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-938"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32562"
          },
          {
            "db": "BID",
            "id": "101685"
          },
          {
            "db": "IVD",
            "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104696"
          }
        ],
        "trust": 3.33
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-104696",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-104696"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-14016",
            "trust": 4.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-306-02",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "101685",
            "trust": 1.4
          },
          {
            "db": "EXPLOIT-DB",
            "id": "43340",
            "trust": 1.1
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1259",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32562",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009932",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-4949",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-938",
            "trust": 0.7
          },
          {
            "db": "IVD",
            "id": "AE88E8AE-B267-4E99-BFAC-8A81BBB4590A",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "145401",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-104696",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-938"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32562"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104696"
          },
          {
            "db": "BID",
            "id": "101685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009932"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1259"
          }
        ]
      },
      "id": "VAR-201711-0409",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32562"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104696"
          }
        ],
        "trust": 1.582453675
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32562"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:51:01.790000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Advantech WebAccess",
            "trust": 0.8,
            "url": "http://www.advantech.com/industrial-automation/webaccess"
          },
          {
            "title": "Advantech has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-306-02"
          },
          {
            "title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/105309"
          },
          {
            "title": "Advantech WebAccess Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75601"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-938"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32562"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009932"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1259"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-104696"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009932"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14016"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 4.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-306-02"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/bid/101685"
          },
          {
            "trust": 1.1,
            "url": "https://www.exploit-db.com/exploits/43340/"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14016"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14016"
          },
          {
            "trust": 0.3,
            "url": "http://webaccess.advantech.com"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-938"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32562"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104696"
          },
          {
            "db": "BID",
            "id": "101685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009932"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1259"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-938"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32562"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104696"
          },
          {
            "db": "BID",
            "id": "101685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009932"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1259"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-03T00:00:00",
            "db": "IVD",
            "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
          },
          {
            "date": "2017-12-06T00:00:00",
            "db": "ZDI",
            "id": "ZDI-17-938"
          },
          {
            "date": "2017-11-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-32562"
          },
          {
            "date": "2017-11-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-104696"
          },
          {
            "date": "2017-11-02T00:00:00",
            "db": "BID",
            "id": "101685"
          },
          {
            "date": "2017-11-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009932"
          },
          {
            "date": "2017-11-06T22:29:00.240000",
            "db": "NVD",
            "id": "CVE-2017-14016"
          },
          {
            "date": "2017-11-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201708-1259"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-12-06T00:00:00",
            "db": "ZDI",
            "id": "ZDI-17-938"
          },
          {
            "date": "2017-11-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-32562"
          },
          {
            "date": "2017-12-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-104696"
          },
          {
            "date": "2017-12-19T22:36:00",
            "db": "BID",
            "id": "101685"
          },
          {
            "date": "2017-11-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009932"
          },
          {
            "date": "2017-12-20T02:29:03.410000",
            "db": "NVD",
            "id": "CVE-2017-14016"
          },
          {
            "date": "2017-11-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201708-1259"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1259"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009932"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1259"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "ae88e8ae-b267-4e99-bfac-8a81bbb4590a"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1259"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202003-0167

    Vulnerability from variot - Updated: 2023-12-18 12:43

    In Advantech WebAccess versions 8.4.2 and prior, a stack-based buffer overflow vulnerability caused by a lack of proper validation of the length of user-supplied data may allow remote code execution. Advantech WebAccess is vulnerable to out-of-bounds writes. As a result, information may be obtained or tampered with, and service operation may be interrupted (a denial-of-service (DoS) condition). Advantech WebAccess is a browser-based HMI/SCADA software suite from the Chinese company Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automated equipment.

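    There is a buffer overflow vulnerability in Advantech WebAccess 8.4.2 and previous versions. The vulnerability stems from the program's failure to correctly verify the length of data submitted by users. Attackers can use this vulnerability to execute code. The scores recorded for this entry differ on the precondition: the NVD vectors require an authenticated, low-privileged user (CVSS v2 Au:S, base score 6.5; CVSS v3.1 PR:L, base score 8.8), whereas the CNVD and IVD vectors assume no authentication (CVSS v2 Au:N, base score 10.0).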


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202003-0167",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "8.4.2"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "advantech",
            "version": "8.4.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.6,
            "vendor": "webaccess",
            "version": "*"
          },
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "\u003c=8.4.2"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d5282d3d-a398-4571-b9bc-da30828c4d30"
          },
          {
            "db": "IVD",
            "id": "b9a6b9c9-b8df-47a0-90c2-5d1880f27a53"
          },
          {
            "db": "IVD",
            "id": "fdd0b3f8-3949-42e4-a46f-0b16e2b5e110"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-19926"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003531"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-10607"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.4.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-10607"
          }
        ]
      },
      "cve": "CVE-2020-10607",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003531",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-19926",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "d5282d3d-a398-4571-b9bc-da30828c4d30",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "b9a6b9c9-b8df-47a0-90c2-5d1880f27a53",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "fdd0b3f8-3949-42e4-a46f-0b16e2b5e110",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "VHN-163102",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003531",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2020-10607",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-003531",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-19926",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202003-1645",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "d5282d3d-a398-4571-b9bc-da30828c4d30",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "b9a6b9c9-b8df-47a0-90c2-5d1880f27a53",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "fdd0b3f8-3949-42e4-a46f-0b16e2b5e110",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-163102",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d5282d3d-a398-4571-b9bc-da30828c4d30"
          },
          {
            "db": "IVD",
            "id": "b9a6b9c9-b8df-47a0-90c2-5d1880f27a53"
          },
          {
            "db": "IVD",
            "id": "fdd0b3f8-3949-42e4-a46f-0b16e2b5e110"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-19926"
          },
          {
            "db": "VULHUB",
            "id": "VHN-163102"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003531"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-10607"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1645"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer overflow vulnerability caused by a lack of proper validation of the length of user-supplied data may allow remote code execution. Advantech WebAccess Is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture of Chinese company Advantech (Advantech). The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automated equipment. \n\r\n\r\nThere is a buffer overflow vulnerability in Advantech WebAccess 8.4.2 and previous versions. The vulnerability stems from the program\u0027s failure to correctly verify the length of data submitted by users. Attackers can use this vulnerability to execute code",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-10607"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003531"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-19926"
          },
          {
            "db": "IVD",
            "id": "d5282d3d-a398-4571-b9bc-da30828c4d30"
          },
          {
            "db": "IVD",
            "id": "b9a6b9c9-b8df-47a0-90c2-5d1880f27a53"
          },
          {
            "db": "IVD",
            "id": "fdd0b3f8-3949-42e4-a46f-0b16e2b5e110"
          },
          {
            "db": "VULHUB",
            "id": "VHN-163102"
          }
        ],
        "trust": 2.79
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-10607",
            "trust": 3.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-20-086-01",
            "trust": 3.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-19926",
            "trust": 1.3
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1645",
            "trust": 1.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003531",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.1084",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "D5282D3D-A398-4571-B9BC-DA30828C4D30",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "B9A6B9C9-B8DF-47A0-90C2-5D1880F27A53",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "FDD0B3F8-3949-42E4-A46F-0B16E2B5E110",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-163102",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d5282d3d-a398-4571-b9bc-da30828c4d30"
          },
          {
            "db": "IVD",
            "id": "b9a6b9c9-b8df-47a0-90c2-5d1880f27a53"
          },
          {
            "db": "IVD",
            "id": "fdd0b3f8-3949-42e4-a46f-0b16e2b5e110"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-19926"
          },
          {
            "db": "VULHUB",
            "id": "VHN-163102"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003531"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-10607"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1645"
          }
        ]
      },
      "id": "VAR-202003-0167",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "d5282d3d-a398-4571-b9bc-da30828c4d30"
          },
          {
            "db": "IVD",
            "id": "b9a6b9c9-b8df-47a0-90c2-5d1880f27a53"
          },
          {
            "db": "IVD",
            "id": "fdd0b3f8-3949-42e4-a46f-0b16e2b5e110"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-19926"
          },
          {
            "db": "VULHUB",
            "id": "VHN-163102"
          }
        ],
        "trust": 1.73267184
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 1.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d5282d3d-a398-4571-b9bc-da30828c4d30"
          },
          {
            "db": "IVD",
            "id": "b9a6b9c9-b8df-47a0-90c2-5d1880f27a53"
          },
          {
            "db": "IVD",
            "id": "fdd0b3f8-3949-42e4-a46f-0b16e2b5e110"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-19926"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:43:05.024000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.advantech.com/"
          },
          {
            "title": "Patch for Advantech WebAccess buffer overflow vulnerability (CNVD-2020-19926)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/211327"
          },
          {
            "title": "Advantech WebAccess Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=113038"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-19926"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003531"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1645"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-163102"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003531"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-10607"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "https://www.us-cert.gov/ics/advisories/icsa-20-086-01"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10607"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10607"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.1084/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-19926"
          },
          {
            "db": "VULHUB",
            "id": "VHN-163102"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003531"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-10607"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1645"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "d5282d3d-a398-4571-b9bc-da30828c4d30"
          },
          {
            "db": "IVD",
            "id": "b9a6b9c9-b8df-47a0-90c2-5d1880f27a53"
          },
          {
            "db": "IVD",
            "id": "fdd0b3f8-3949-42e4-a46f-0b16e2b5e110"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-19926"
          },
          {
            "db": "VULHUB",
            "id": "VHN-163102"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003531"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-10607"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1645"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-26T00:00:00",
            "db": "IVD",
            "id": "d5282d3d-a398-4571-b9bc-da30828c4d30"
          },
          {
            "date": "2020-03-26T00:00:00",
            "db": "IVD",
            "id": "b9a6b9c9-b8df-47a0-90c2-5d1880f27a53"
          },
          {
            "date": "2020-03-26T00:00:00",
            "db": "IVD",
            "id": "fdd0b3f8-3949-42e4-a46f-0b16e2b5e110"
          },
          {
            "date": "2020-03-28T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-19926"
          },
          {
            "date": "2020-03-27T00:00:00",
            "db": "VULHUB",
            "id": "VHN-163102"
          },
          {
            "date": "2020-04-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003531"
          },
          {
            "date": "2020-03-27T14:15:12.463000",
            "db": "NVD",
            "id": "CVE-2020-10607"
          },
          {
            "date": "2020-03-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1645"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-19926"
          },
          {
            "date": "2020-04-01T00:00:00",
            "db": "VULHUB",
            "id": "VHN-163102"
          },
          {
            "date": "2020-04-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003531"
          },
          {
            "date": "2020-04-01T13:54:57.343000",
            "db": "NVD",
            "id": "CVE-2020-10607"
          },
          {
            "date": "2020-04-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1645"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1645"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess Out-of-bounds write vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003531"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "d5282d3d-a398-4571-b9bc-da30828c4d30"
          },
          {
            "db": "IVD",
            "id": "b9a6b9c9-b8df-47a0-90c2-5d1880f27a53"
          },
          {
            "db": "IVD",
            "id": "fdd0b3f8-3949-42e4-a46f-0b16e2b5e110"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1645"
          }
        ],
        "trust": 1.2
      }
    }

    VAR-202006-0370

    Vulnerability from variot - Updated: 2023-12-18 12:42

    WebAccess Node version 8.4.4 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. WebAccess Node is industrial software provided by Advantech. The text that follows is aggregated from several source advisories (the record lists NVD, JVNDB, ZDI-20-655, ZDI-20-654 and others as sources), so the two root-cause statements may describe different reports. The issue results from incorrect permissions set on a resource used by the service. Authentication is not required to exploit this vulnerability. The specific flaw exists within DATACORE.exe. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is browser-based HMI and SCADA software. Advantech WebAccess is a set of browser-based HMI/SCADA software developed by China Taiwan Advantech Company. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-0370",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webaccess",
            "scope": null,
            "trust": 1.4,
            "vendor": "advantech",
            "version": null
          },
          {
            "model": "webaccess",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "advantech",
            "version": "8.4.4"
          },
          {
            "model": "webaccess",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "advantech",
            "version": "8.4.4"
          },
          {
            "model": "webaccess node",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "\u003c=8.4.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "webaccess",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b5fb5c83-6937-4ff7-a6b9-209011280300"
          },
          {
            "db": "IVD",
            "id": "36d665ec-7a01-4e8b-946b-ff1761ca7bf1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-655"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-654"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-32232"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005320"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12019"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.4.4",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-12019"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mat Powell of Trend Micro Zero Day Initiative",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-20-655"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2020-12019",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-32232",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "b5fb5c83-6937-4ff7-a6b9-209011280300",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "36d665ec-7a01-4e8b-946b-ff1761ca7bf1",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-164655",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "IPA score",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-005320",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-12019",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 0.7,
                "userInteraction": "NONE",
                "vectorString": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-12019",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 0.7,
                "userInteraction": "NONE",
                "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2020-12019",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "IPA",
                "id": "JVNDB-2020-005320",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "ZDI",
                "id": "CVE-2020-12019",
                "trust": 0.7,
                "value": "HIGH"
              },
              {
                "author": "ZDI",
                "id": "CVE-2020-12019",
                "trust": 0.7,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-32232",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-830",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "b5fb5c83-6937-4ff7-a6b9-209011280300",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "36d665ec-7a01-4e8b-946b-ff1761ca7bf1",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-164655",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b5fb5c83-6937-4ff7-a6b9-209011280300"
          },
          {
            "db": "IVD",
            "id": "36d665ec-7a01-4e8b-946b-ff1761ca7bf1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-655"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-654"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-32232"
          },
          {
            "db": "VULHUB",
            "id": "VHN-164655"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005320"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12019"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-830"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WebAccess Node Version 8.4.4 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. WebAccess Node Is Advantech Industrial software provided by. The issue results from incorrect permissions set on a resource used by the service. Authentication is not required to exploit this vulnerability.The specific flaw exists within DATACORE.exe. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess browser-based HMI and SCADA software. Advantech WebAccess is a set of browser-based HMI/SCADA software developed by China Taiwan Advantech Company. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-12019"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005320"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-655"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-654"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-32232"
          },
          {
            "db": "IVD",
            "id": "b5fb5c83-6937-4ff7-a6b9-209011280300"
          },
          {
            "db": "IVD",
            "id": "36d665ec-7a01-4e8b-946b-ff1761ca7bf1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-164655"
          }
        ],
        "trust": 3.87
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-12019",
            "trust": 4.9
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-20-161-01",
            "trust": 3.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-32232",
            "trust": 1.1
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-830",
            "trust": 1.1
          },
          {
            "db": "JVN",
            "id": "JVNVU96784798",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005320",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-10017",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-655",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-9779",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-654",
            "trust": 0.7
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2012",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "47159",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "B5FB5C83-6937-4FF7-A6B9-209011280300",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "36D665EC-7A01-4E8B-946B-FF1761CA7BF1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-164655",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b5fb5c83-6937-4ff7-a6b9-209011280300"
          },
          {
            "db": "IVD",
            "id": "36d665ec-7a01-4e8b-946b-ff1761ca7bf1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-655"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-654"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-32232"
          },
          {
            "db": "VULHUB",
            "id": "VHN-164655"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005320"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12019"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-830"
          }
        ]
      },
      "id": "VAR-202006-0370",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "b5fb5c83-6937-4ff7-a6b9-209011280300"
          },
          {
            "db": "IVD",
            "id": "36d665ec-7a01-4e8b-946b-ff1761ca7bf1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-32232"
          },
          {
            "db": "VULHUB",
            "id": "VHN-164655"
          }
        ],
        "trust": 1.6389165700000001
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b5fb5c83-6937-4ff7-a6b9-209011280300"
          },
          {
            "db": "IVD",
            "id": "36d665ec-7a01-4e8b-946b-ff1761ca7bf1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-32232"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:42:56.018000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Support \u0026 Download",
            "trust": 0.8,
            "url": "https://support.advantech.com/support/downloadsrdetail_new.aspx?sr_id=1-ms9mjv\u0026doc_source=download"
          },
          {
            "title": "Patch for Advantech WebAccess Node buffer overflow vulnerability (CNVD-2020-32232)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/220857"
          },
          {
            "title": "Advantech WebAccess Node Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=121213"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-32232"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005320"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-830"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-121",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-164655"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005320"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12019"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-01"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12019"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/vu/jvnvu96784798/"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/47159"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-12019"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2012/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-32232"
          },
          {
            "db": "VULHUB",
            "id": "VHN-164655"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005320"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12019"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-830"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "b5fb5c83-6937-4ff7-a6b9-209011280300"
          },
          {
            "db": "IVD",
            "id": "36d665ec-7a01-4e8b-946b-ff1761ca7bf1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-655"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-654"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-32232"
          },
          {
            "db": "VULHUB",
            "id": "VHN-164655"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005320"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12019"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-830"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-09T00:00:00",
            "db": "IVD",
            "id": "b5fb5c83-6937-4ff7-a6b9-209011280300"
          },
          {
            "date": "2020-06-09T00:00:00",
            "db": "IVD",
            "id": "36d665ec-7a01-4e8b-946b-ff1761ca7bf1"
          },
          {
            "date": "2020-05-14T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-655"
          },
          {
            "date": "2020-05-14T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-654"
          },
          {
            "date": "2020-06-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-32232"
          },
          {
            "date": "2020-06-15T00:00:00",
            "db": "VULHUB",
            "id": "VHN-164655"
          },
          {
            "date": "2020-06-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-005320"
          },
          {
            "date": "2020-06-15T20:15:11.537000",
            "db": "NVD",
            "id": "CVE-2020-12019"
          },
          {
            "date": "2020-06-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-830"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-655"
          },
          {
            "date": "2020-05-14T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-654"
          },
          {
            "date": "2020-06-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-32232"
          },
          {
            "date": "2021-09-23T00:00:00",
            "db": "VULHUB",
            "id": "VHN-164655"
          },
          {
            "date": "2020-06-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-005320"
          },
          {
            "date": "2021-09-23T13:39:15.107000",
            "db": "NVD",
            "id": "CVE-2020-12019"
          },
          {
            "date": "2020-07-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-830"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-830"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Advantech WebAccess Node Stack-based buffer overflow vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005320"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "b5fb5c83-6937-4ff7-a6b9-209011280300"
          },
          {
            "db": "IVD",
            "id": "36d665ec-7a01-4e8b-946b-ff1761ca7bf1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-830"
          }
        ],
        "trust": 1.0
      }
    }