CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-16217 – Advantech WebAccess/HMI Designer PM3 File Parsing Double Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-16217
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. A double free vulnerability caused by processing specially crafted project files may allow remote code execution, disclosure/modification of information, or cause the application to crash. Advantech WebAccess HMI Designer, versiones 2.1.9.31 y anteriores. Una vulnerabilidad de doble liberación causada por el procesamiento de archivos de proyecto especialmente diseñados puede permitir una ejecución de código remota, divulgación y modificación de información o causar que la aplicación se bloquee This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PM3 files. • https://us-cert.cisa.gov/ics/advisories/icsa-20-219-02 https://www.zerodayinitiative.com/advisories/ZDI-20-952 • CWE-415: Double Free •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-16899
https://notcve.org/view.php?id=CVE-2019-16899
In Advantech WebAccess/HMI Designer 2.1.9.31, Data from a Faulting Address controls Code Flow starting at PM_V3!CTagInfoThreadBase::GetNICInfo+0x0000000000512918. En Advantech WebAccess/HMI Designer versión 2.1.9.31, los Datos desde una Dirección en Fallo controlan el Flujo de Código que inicia en PM_V3!CTagInfoThreadBase::GetNICInfo+0x0000000000512918. • http://code610.blogspot.com/2019/09/crashing-webaccesshmi-designer-21931.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-16900
https://notcve.org/view.php?id=CVE-2019-16900
Advantech WebAccess/HMI Designer 2.1.9.31 has a User Mode Write AV starting at MSVCR90!memcpy+0x000000000000015c. Advantech WebAccess/HMI Designer versión 2.1.9.31, presenta un User Mode Write AV que inicia en MSVCR90!Memcpy+0x000000000000015c. • http://code610.blogspot.com/2019/09/crashing-webaccesshmi-designer-21931.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-16901
https://notcve.org/view.php?id=CVE-2019-16901
Advantech WebAccess/HMI Designer 2.1.9.31 has Exception Handler Chain corruption starting at Unknown Symbol @ 0x0000000000000000 called from ntdll!RtlRaiseStatus+0x00000000000000b4. Advantech WebAccess/HMI Designer versión 2.1.9.31 presenta corrupción en Exception Handler Chain que inicia en Unknown Symbol @ 0x0000000000000000 llamado desde ntdll! RtlRaiseStatus+0x00000000000000b4. • http://code610.blogspot.com/2019/09/crashing-webaccesshmi-designer-21931.html • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10961 – Advantech WebAccess HMI Designer MCR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-10961
In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution. En WebAccess HMI Designer de Advantech versión 2.1.9.23 y anteriores, el procesamiento de archivos MCR especialmente diseñados que carecen de una comprobación apropiada de datos suministrados por el usuario, puede causar que el sistema escriba fuera del área de búfer prevista, permitiendo la ejecución de código remota. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of MCR files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. • https://www.us-cert.gov/ics/advisories/icsa-19-213-01 https://www.zerodayinitiative.com/advisories/ZDI-19-691 • CWE-787: Out-of-bounds Write •