CVE-2019-10961
N/A
N/A
Summary
In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Advantech WebAccess HMI Designer | Version 2.1.9.23 and prior | affected |
Weaknesses
- CWE-787: OUT-OF-BOUNDS WRITE CWE-787
ADP Enrichment
CVE Program Container
Additional References
- https://www.us-cert.gov/ics/advisories/icsa-19-213-01
- https://www.zerodayinitiative.com/advisories/ZDI-19-691/
References
- https://www.us-cert.gov/ics/advisories/icsa-19-213-01
- https://www.zerodayinitiative.com/advisories/ZDI-19-691/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.