CVE-2014-0767

Advantech WebAccess Stack-based Buffer Overflow

CVSS 7.5 EPSS 2.7%CWE-121

An attacker may exploit this vulnerability by passing an overly long value from the AccessCode argument to the control. This will overflow the static stack buffer. The attacker may then execute code on the target device remotely.

AV:N/AC:L/Au:N/C:P/I:P/A:P

Productos afectados

Advantech · WebAccess

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03 https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03 http://webaccess.advantech.com/http://www.securityfocus.com/bid/66728 http://www.securityfocus.com/bid/66740