Multiple vulnerabilities in Advantech WebAccess/SCADA
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 48 |
| CVE-ID | CVE-2020-12022 CVE-2020-12014 CVE-2020-12026 CVE-2020-12018 CVE-2020-12002 CVE-2020-10638 CVE-2020-12006 CVE-2020-12010 |
| CWE-ID | CWE-122 CWE-119 CWE-89 CWE-121 CWE-22 CWE-125 CWE-190 CWE-77 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Advantech WebAccess Server applications / SCADA systems |
| Vendor | Advantech Co., Ltd |
Security Bulletin
This security bulletin contains information about 48 vulnerabilities.
Updated 11.05.2020
Added vulnerability #48
1) Heap-based buffer overflow
EUVDB-ID: #VU27664
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the processing of IOCTL 0x5218 in datacore.exe. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-612/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Heap-based buffer overflow
EUVDB-ID: #VU27663
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the processing of IOCTL 0x520B in datacore.exe. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-606/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Heap-based buffer overflow
EUVDB-ID: #VU27662
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the processing of IOCTL 0x5209 in datacore.exe. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-607/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Heap-based buffer overflow
EUVDB-ID: #VU27661
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the processing of IOCTL 0x5208 in datacore.exe. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-608/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Heap-based buffer overflow
EUVDB-ID: #VU27660
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the processing of IOCTL 0x5213 in datacore.exe. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-609/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Heap-based buffer overflow
EUVDB-ID: #VU27659
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the processing of IOCTL 0x520B in datacore.exe. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-610/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Heap-based buffer overflow
EUVDB-ID: #VU27658
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the processing of IOCTL 0x521B in datacore.exe. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-611/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Buffer overflow
EUVDB-ID: #VU27657
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-12022
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a improper array index validation within the implementation of IOCTL 0x0000521e in DATACORE.exe. A remote attacker can pass specially crafted data to the application, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.us-cert.gov/ics/advisories/icsa-20-128-01
https://www.zerodayinitiative.com/advisories/ZDI-20-598/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) SQL injection
EUVDB-ID: #VU27656
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: N/A
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data within the implementation of IOCTL 0x00013c71 in BwWebSvc.dll. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Successful exploitation of this vulnerability may allow a remote attacker to disclose stored credentials, leading to further compromise.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-613/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) SQL injection
EUVDB-ID: #VU27655
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: N/A
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data within the implementation of IOCTL 0x00013c74 and IOCTL 0x00013c75 in BwWebSvc.dll. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Successful exploitation of this vulnerability may allow a remote attacker to disclose stored credentials, leading to further compromise.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-614/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) SQL injection
EUVDB-ID: #VU27654
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-12014
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data within the implementation of IOCTL 0x00013c76 and IOCTL 0x00013c77 in BwWebSvc.dll. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Successful exploitation of this vulnerability may allow a remote attacker to disclose stored credentials, leading to further compromise.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-615/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Heap-based buffer overflow
EUVDB-ID: #VU27653
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the processing of IOCTL 0x5217 in datacore.exe. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-629/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Stack-based buffer overflow
EUVDB-ID: #VU27652
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within bwscrp.exe when invoked via IOCTL 0x2711. A remote unauthenticated attacker can pass specially crafted data to the application, trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-632/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Path traversal
EUVDB-ID: #VU27651
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error within the implementation of IOCTL 0x0000277d in DrawSrv.dll. A remote attacker can pass specially crafted data to the application and overwrite arbitrary files on the system.
Install update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-627/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Path traversal
EUVDB-ID: #VU27650
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-12026
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error within the implementation of IOCTL 0x0000277d in ViewSrv.dll. A remote attacker can pass specially crafted data to the application and overwrite arbitrary files on the system.
Install update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-626/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Out-of-bounds read
EUVDB-ID: #VU27649
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-12018
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the implementation of IOCTL 0x00002722 in ViewSrv.dll. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-628/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Out-of-bounds read
EUVDB-ID: #VU27648
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-12018
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the implementation of IOCTL 0x00002722 in DrawSrv.dll. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-630/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Path traversal
EUVDB-ID: #VU27647
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error within the implementation of IOCTL 0x0000791e in DATACORE.exe. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the system.
Install update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-591/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Stack-based buffer overflow
EUVDB-ID: #VU27646
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the implementation of IOCTL 0x00005241 in DATACORE.exe. A remote unauthenticated attacker can pass specially crafted data to the application, trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-590/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Stack-based buffer overflow
EUVDB-ID: #VU27645
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the implementation of IOCTL 0x00005227 in DATACORE.exe. A remote unauthenticated attacker can pass specially crafted data to the application, trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-592/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Stack-based buffer overflow
EUVDB-ID: #VU27644
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the BwBacNetJ device driver. A remote unauthenticated attacker can pass specially crafted data to the application, trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-619/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Stack-based buffer overflow
EUVDB-ID: #VU27643
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the GpsET200 device driver. A remote unauthenticated attacker can pass specially crafted data to the application, trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-622/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Stack-based buffer overflow
EUVDB-ID: #VU27642
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the OPCUA device driver. A remote unauthenticated attacker can pass specially crafted data to the application, trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-624/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Stack-based buffer overflow
EUVDB-ID: #VU27641
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the SyntecUA device driver. A remote unauthenticated attacker can pass specially crafted data to the application, trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-625/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Stack-based buffer overflow
EUVDB-ID: #VU27640
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the BwBacNetJ driver. A remote unauthenticated attacker can pass specially crafted data to the application, trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-633/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Stack-based buffer overflow
EUVDB-ID: #VU27639
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-12002
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the BwBacNetJ driver. A remote unauthenticated attacker can pass specially crafted data to the application, trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-634/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Heap-based buffer overflow
EUVDB-ID: #VU27638
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the implementation of IOCTL 0x00002723 in ViewSrv.dll. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-593/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Heap-based buffer overflow
EUVDB-ID: #VU27637
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the implementation of IOCTL 0x00002774 in ViewSrv.dll. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-594/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Heap-based buffer overflow
EUVDB-ID: #VU27636
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the implementation of IOCTL 0x00002775 in ViewSrv.dll. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-596/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Heap-based buffer overflow
EUVDB-ID: #VU27635
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the implementation of IOCTL 0x00005226 in DATACORE.exe. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-597/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Heap-based buffer overflow
EUVDB-ID: #VU27634
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the implementation of IOCTL 0x0000791c in DATACORE.exe. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-599/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Integer overflow
EUVDB-ID: #VU27633
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the implementation of IOCTL 0x0000791e in DATACORE.exe. A remote attacker can trick the victim to visit a specially crafted web page, trigger integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-600/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Heap-based buffer overflow
EUVDB-ID: #VU27632
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the implementation of IOCTL 0x0000791d in DATACORE.exe. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-601/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Heap-based buffer overflow
EUVDB-ID: #VU27631
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the implementation of IOCTL 0x00002775 in DrawSrv.dll. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-602/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Heap-based buffer overflow
EUVDB-ID: #VU27630
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the implementation of IOCTL 0x00002723 in DrawSrv.dll. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-603/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Heap-based buffer overflow
EUVDB-ID: #VU27629
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the implementation of IOCTL 0x00002774 in DrawSrv.dll. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-604/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Heap-based buffer overflow
EUVDB-ID: #VU27628
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the processing of IOCTL 0x00013c77 in BwWebSvc.dll. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-616/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Heap-based buffer overflow
EUVDB-ID: #VU27627
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the implementation of IOCTL 0x00013c7b in BwWebSvc.dll. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-617/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Heap-based buffer overflow
EUVDB-ID: #VU27626
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the processing of IOCTL 0x00013c84 in BwWebSvc.dll. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-618/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Heap-based buffer overflow
EUVDB-ID: #VU27625
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the BwTCPIP device driver. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-620/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
41) Heap-based buffer overflow
EUVDB-ID: #VU27624
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the BwTCPIP device driver. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-621/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
42) Heap-based buffer overflow
EUVDB-ID: #VU27623
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the ModDuDrv device driver. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-623/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
43) Heap-based buffer overflow
EUVDB-ID: #VU27622
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the processing of IOCTL 0x00013c80 in BwWebSvc.dll. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-631/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
44) Heap-based buffer overflow
EUVDB-ID: #VU27621
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-10638
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the BwBacNetJ driver. A remote attacker can trick the victim to visit a specially crafted web page, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-635/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
45) Command Injection
EUVDB-ID: #VU27620
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to input validation error within the implementation of IOCTL 0x00002711 in DrawSrv.dll. A remote attacker can trick the victim to visit a specially crafted web page and execute arbitrary code on the target system.
Install update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-605/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
46) Path traversal
EUVDB-ID: #VU27619
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system
The vulnerability exists due to input validation error within the implementation of IOCTL 0x0000791e in DATACORE.exe. A remote attacker can create a specially crafted web page, trick the victim into visiting it and execute arbitrary code on the target system.
Install update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-589/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
47) Command Injection
EUVDB-ID: #VU27618
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-12006
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation within the implementation of IOCTL 0x00002711 in ViewSrv.dll. A remote attacker can trick the victim to visit a specially crafted web page and execute arbitrary commands on the system.
Install update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-20-595/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
48) Path traversal
EUVDB-ID: #VU27675
Risk: Medium
CVSSv4.0: 4.4 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-12010
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences. A remote authenticated attacker can use a specially crafted file to delete files outside the application’s control.
MitigationInstall update from vendor's website.
Vulnerable software versionsAdvantech WebAccess: 6.0-2007.06.05 - 9.0.0
CPE2.3- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.05:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.12:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0-2007.06.18:*:*:*:*:*:*:*
https://www.us-cert.gov/ics/advisories/icsa-20-128-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
