CVE-2014-0768

Advantech WebAccess Stack-based Buffer Overflow

CVSS 7.5 EPSS 2.7%CWE-121

An attacker may pass an overly long value from the AccessCode2 argument to the control to overflow the static stack buffer. The attacker may then remotely execute arbitrary code.

AV:N/AC:L/Au:N/C:P/I:P/A:P

Produtos afetados

Advantech · WebAccess

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03 https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03 http://webaccess.advantech.com/http://www.securityfocus.com/bid/66732 http://www.securityfocus.com/bid/66740