← back
CVE-2014-0764

Advantech WebAccess Stack-based Buffer Overflow

CVSS 7.5 EPSS 2.7%CWE-121
By providing an overly long string to the NodeName parameter, an attacker may be able to overflow the static stack buffer. The attacker may then execute code on the target device remotely.
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected products
Advantech · WebAccess

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03http://webaccess.advantech.com/http://www.securityfocus.com/bid/66718http://www.securityfocus.com/bid/66740