Details of VAR-201404-0539

ID

VAR-201404-0539

CVE

CVE-2014-0764

TITLE

Advantech WebAccess Vulnerable to stack-based buffer overflow

Trust: 0.8

sources: JVNDB: JVNDB-2014-001975

DESCRIPTION

By providing an overly long string to the NodeName parameter, an attacker may be able to overflow the static stack buffer. The attacker may then execute code on the target device remotely. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the webvact.ocx ActiveX Control. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess fails to properly filter user input when processing NodeName parameters, allowing remote attackers to exploit vulnerabilities to submit special parameters that trigger stack buffer overflows, allowing applications to crash or execute arbitrary code. Advantech WebAccess is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed attempts will likely cause a denial-of-service condition. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There is a stack-based buffer overflow vulnerability in Advantech WebAccess 7.1 and earlier versions

Trust: 3.69

sources: NVD: CVE-2014-0764 // JVNDB: JVNDB-2014-001975 // ZDI: ZDI-14-076 // CNVD: CNVD-2014-02262 // BID: 66718 // IVD: 2b34b2f8-1edf-11e6-abef-000c29c66e3d // IVD: 1645f628-2352-11e6-abef-000c29c66e3d // IVD: 7d7c1a80-463f-11e9-a220-000c29342cb1 // VULHUB: VHN-68257

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 1.2

sources: IVD: 2b34b2f8-1edf-11e6-abef-000c29c66e3d // IVD: 1645f628-2352-11e6-abef-000c29c66e3d // IVD: 7d7c1a80-463f-11e9-a220-000c29342cb1 // CNVD: CNVD-2014-02262

AFFECTED PRODUCTS

vendor:	advantech	model:	webaccess	scope:	eq	version:	5.0	Trust: 1.6
vendor:	advantech	model:	webaccess	scope:	eq	version:	7.0	Trust: 1.6
vendor:	advantech	model:	webaccess	scope:	eq	version:	6.0	Trust: 1.6
vendor:	advantech	model:	webaccess	scope:	eq	version:	7.1	Trust: 1.2
vendor:	advantech	model:	webaccess	scope:	lte	version:	7.1	Trust: 1.0
vendor:	advantech	model:	webaccess	scope:	lt	version:	7.2	Trust: 0.8
vendor:	advantech	model:	webaccess	scope:	-	version:	-	Trust: 0.7
vendor:	advantech webaccess	model:	-	scope:	eq	version:	5.0	Trust: 0.6
vendor:	advantech webaccess	model:	-	scope:	eq	version:	6.0	Trust: 0.6
vendor:	advantech webaccess	model:	-	scope:	eq	version:	7.0	Trust: 0.6
vendor:	advantech webaccess	model:	-	scope:	eq	version:	*	Trust: 0.6
vendor:	advantech	model:	broadwin webaccess	scope:	eq	version:	7.0	Trust: 0.3

sources: IVD: 2b34b2f8-1edf-11e6-abef-000c29c66e3d // IVD: 1645f628-2352-11e6-abef-000c29c66e3d // IVD: 7d7c1a80-463f-11e9-a220-000c29342cb1 // ZDI: ZDI-14-076 // CNVD: CNVD-2014-02262 // BID: 66718 // CNNVD: CNNVD-201404-170 // JVNDB: JVNDB-2014-001975 // NVD: CVE-2014-0764

CVSS

SEVERITY

CVSSV2

CVSSV3

ics-cert@hq.dhs.gov:	CVE-2014-0764
value:	HIGH
Trust: 1.0
nvd@nist.gov:	CVE-2014-0764
value:	HIGH
Trust: 1.0
NVD:	CVE-2014-0764
value:	HIGH
Trust: 0.8
ZDI:	CVE-2014-0764
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2014-02262
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201404-170
value:	HIGH
Trust: 0.6
IVD:	2b34b2f8-1edf-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2
IVD:	1645f628-2352-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2
IVD:	7d7c1a80-463f-11e9-a220-000c29342cb1
value:	HIGH
Trust: 0.2
VULHUB:	VHN-68257
value:	HIGH
Trust: 0.1

ics-cert@hq.dhs.gov:	CVE-2014-0764
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 3.5
CNVD:	CNVD-2014-02262
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	2b34b2f8-1edf-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	1645f628-2352-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	7d7c1a80-463f-11e9-a220-000c29342cb1
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-68257
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: 2b34b2f8-1edf-11e6-abef-000c29c66e3d // IVD: 1645f628-2352-11e6-abef-000c29c66e3d // IVD: 7d7c1a80-463f-11e9-a220-000c29342cb1 // ZDI: ZDI-14-076 // CNVD: CNVD-2014-02262 // VULHUB: VHN-68257 // CNNVD: CNNVD-201404-170 // JVNDB: JVNDB-2014-001975 // NVD: CVE-2014-0764 // NVD: CVE-2014-0764

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.9
problemtype:	CWE-121	Trust: 1.0

sources: VULHUB: VHN-68257 // JVNDB: JVNDB-2014-001975 // NVD: CVE-2014-0764

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201404-170

TYPE

Buffer overflow

Trust: 1.2

sources: IVD: 2b34b2f8-1edf-11e6-abef-000c29c66e3d // IVD: 1645f628-2352-11e6-abef-000c29c66e3d // IVD: 7d7c1a80-463f-11e9-a220-000c29342cb1 // CNNVD: CNNVD-201404-170

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-001975

PATCH

title:	Advantech WebAccess	url:	http://www.advantech.co.jp/products/GF-1M94V/Advantech-WebAccess/mod_B975C492-56B3-4EBA-8BBB-5B6D3483EE9D.aspx	Trust: 0.8
title:	Downloads ::: WebAccess Software	url:	http://webaccess.advantech.com/downloads.php?item=software	Trust: 0.8
title:	Advantech has issued an update to correct this vulnerability.	url:	https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03	Trust: 0.7
title:	Patch for Advantech WebAccess NodeName parameter handling stack buffer overflow vulnerability (CNVD-2014-02262)	url:	https://www.cnvd.org.cn/patchInfo/show/44786	Trust: 0.6
title:	AdvantechWebAccessCHNNode_2014.03.03_3.3.1	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49251	Trust: 0.6

sources: ZDI: ZDI-14-076 // CNVD: CNVD-2014-02262 // CNNVD: CNNVD-201404-170 // JVNDB: JVNDB-2014-001975

EXTERNAL IDS

db:	NVD	id:	CVE-2014-0764	Trust: 4.7
db:	ICS CERT	id:	ICSA-14-079-03	Trust: 3.1
db:	BID	id:	66718	Trust: 2.0
db:	CNNVD	id:	CNNVD-201404-170	Trust: 1.3
db:	CNVD	id:	CNVD-2014-02262	Trust: 1.2
db:	BID	id:	66740	Trust: 1.0
db:	JVNDB	id:	JVNDB-2014-001975	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-2009	Trust: 0.7
db:	ZDI	id:	ZDI-14-076	Trust: 0.7
db:	OSVDB	id:	105573	Trust: 0.6
db:	SECUNIA	id:	57873	Trust: 0.6
db:	IVD	id:	2B34B2F8-1EDF-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	IVD	id:	1645F628-2352-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	IVD	id:	7D7C1A80-463F-11E9-A220-000C29342CB1	Trust: 0.2
db:	VULHUB	id:	VHN-68257	Trust: 0.1

sources: IVD: 2b34b2f8-1edf-11e6-abef-000c29c66e3d // IVD: 1645f628-2352-11e6-abef-000c29c66e3d // IVD: 7d7c1a80-463f-11e9-a220-000c29342cb1 // ZDI: ZDI-14-076 // CNVD: CNVD-2014-02262 // VULHUB: VHN-68257 // BID: 66718 // CNNVD: CNNVD-201404-170 // JVNDB: JVNDB-2014-001975 // NVD: CVE-2014-0764

REFERENCES

url:	http://ics-cert.us-cert.gov/advisories/icsa-14-079-03	Trust: 3.8
url:	http://www.securityfocus.com/bid/66718	Trust: 1.1
url:	http://www.securityfocus.com/bid/66740	Trust: 1.0
url:	http://webaccess.advantech.com/	Trust: 1.0
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03	Trust: 1.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0764	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0764	Trust: 0.8
url:	http://osvdb.com/show/osvdb/105573	Trust: 0.6
url:	http://secunia.com/advisories/57873	Trust: 0.6

sources: ZDI: ZDI-14-076 // CNVD: CNVD-2014-02262 // VULHUB: VHN-68257 // CNNVD: CNNVD-201404-170 // JVNDB: JVNDB-2014-001975 // NVD: CVE-2014-0764

CREDITS

Tom Gallagher

Trust: 0.7

sources: ZDI: ZDI-14-076

SOURCES

db:	IVD	id:	2b34b2f8-1edf-11e6-abef-000c29c66e3d
db:	IVD	id:	1645f628-2352-11e6-abef-000c29c66e3d
db:	IVD	id:	7d7c1a80-463f-11e9-a220-000c29342cb1
db:	ZDI	id:	ZDI-14-076
db:	CNVD	id:	CNVD-2014-02262
db:	VULHUB	id:	VHN-68257
db:	BID	id:	66718
db:	CNNVD	id:	CNNVD-201404-170
db:	JVNDB	id:	JVNDB-2014-001975
db:	NVD	id:	CVE-2014-0764

LAST UPDATE DATE

2025-09-21T23:04:14.164000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-14-076	date:	2014-04-10T00:00:00
db:	CNVD	id:	CNVD-2014-02262	date:	2014-04-14T00:00:00
db:	VULHUB	id:	VHN-68257	date:	2015-07-09T00:00:00
db:	BID	id:	66718	date:	2014-04-17T00:40:00
db:	CNNVD	id:	CNNVD-201404-170	date:	2014-04-15T00:00:00
db:	JVNDB	id:	JVNDB-2014-001975	date:	2014-04-15T00:00:00
db:	NVD	id:	CVE-2014-0764	date:	2025-09-19T19:15:37.717

SOURCES RELEASE DATE

db:	IVD	id:	2b34b2f8-1edf-11e6-abef-000c29c66e3d	date:	2014-04-11T00:00:00
db:	IVD	id:	1645f628-2352-11e6-abef-000c29c66e3d	date:	2014-04-11T00:00:00
db:	IVD	id:	7d7c1a80-463f-11e9-a220-000c29342cb1	date:	2014-04-11T00:00:00
db:	ZDI	id:	ZDI-14-076	date:	2014-04-10T00:00:00
db:	CNVD	id:	CNVD-2014-02262	date:	2014-04-11T00:00:00
db:	VULHUB	id:	VHN-68257	date:	2014-04-12T00:00:00
db:	BID	id:	66718	date:	2014-04-08T00:00:00
db:	CNNVD	id:	CNNVD-201404-170	date:	2014-04-15T00:00:00
db:	JVNDB	id:	JVNDB-2014-001975	date:	2014-04-15T00:00:00
db:	NVD	id:	CVE-2014-0764	date:	2014-04-12T04:37:31.470