← back
CVE-2014-0768

Advantech WebAccess Stack-based Buffer Overflow

CVSS 7.5 EPSS 2.7%CWE-121
An attacker may pass an overly long value from the AccessCode2 argument to the control to overflow the static stack buffer. The attacker may then remotely execute arbitrary code.
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected products
Advantech · WebAccess

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03http://webaccess.advantech.com/http://www.securityfocus.com/bid/66732http://www.securityfocus.com/bid/66740