Sign-up

ID

VAR-201404-0542


CVE

CVE-2014-0767


TITLE

Advantech WebAccess AccessCode Parameter Handling Stack Buffer Overflow Vulnerability

Trust: 1.0

sources: IVD: 31a3efa0-1edf-11e6-abef-000c29c66e3d // IVD: 1681e714-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-02244

DESCRIPTION

An attacker may exploit this vulnerability by passing an overly long value from the AccessCode argument to the control. This will overflow the static stack buffer. The attacker may then execute code on the target device remotely. Advantech WebAccess Contains a stack-based buffer overflow vulnerability.Too long by a third party AccessCode Arbitrary code may be executed via an argument. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the webvact.ocx ActiveX Control. The control does not check the length of an attacker-supplied AccessCode string before copying it into a fixed length buffer on the stack. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess fails to properly filter user input when processing AccessCode parameters, allowing remote attackers to exploit vulnerabilities to submit special parameters that trigger stack buffer overflows, causing applications to crash or execute arbitrary code. Advantech WebAccess is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed attempts will likely cause a denial-of-service condition. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment

Trust: 3.51

sources: NVD: CVE-2014-0767 // JVNDB: JVNDB-2014-001978 // ZDI: ZDI-14-074 // CNVD: CNVD-2014-02244 // BID: 66728 // IVD: 31a3efa0-1edf-11e6-abef-000c29c66e3d // IVD: 1681e714-2352-11e6-abef-000c29c66e3d // VULHUB: VHN-68260

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.0

sources: IVD: 31a3efa0-1edf-11e6-abef-000c29c66e3d // IVD: 1681e714-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-02244

AFFECTED PRODUCTS

vendor:advantechmodel:webaccessscope:eqversion:5.0

Trust: 1.6

vendor:advantechmodel:webaccessscope:eqversion:7.0

Trust: 1.6

vendor:advantechmodel:webaccessscope:eqversion:6.0

Trust: 1.6

vendor:advantechmodel:webaccessscope:eqversion:7.1

Trust: 1.2

vendor:advantechmodel:webaccessscope:lteversion:7.1

Trust: 1.0

vendor:advantechmodel:webaccessscope:ltversion:7.2

Trust: 0.8

vendor:advantechmodel:webaccessscope: - version: -

Trust: 0.7

vendor:advantech webaccessmodel: - scope:eqversion:5.0

Trust: 0.4

vendor:advantech webaccessmodel: - scope:eqversion:6.0

Trust: 0.4

vendor:advantech webaccessmodel: - scope:eqversion:7.0

Trust: 0.4

vendor:advantech webaccessmodel: - scope:eqversion:*

Trust: 0.4

vendor:advantechmodel:broadwin webaccessscope:eqversion:7.0

Trust: 0.3

sources: IVD: 31a3efa0-1edf-11e6-abef-000c29c66e3d // IVD: 1681e714-2352-11e6-abef-000c29c66e3d // ZDI: ZDI-14-074 // CNVD: CNVD-2014-02244 // BID: 66728 // CNNVD: CNNVD-201404-173 // JVNDB: JVNDB-2014-001978 // NVD: CVE-2014-0767

CVSS

SEVERITY

CVSSV2

CVSSV3

ics-cert@hq.dhs.gov: CVE-2014-0767
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2014-0767
value: HIGH

Trust: 1.0

NVD: CVE-2014-0767
value: HIGH

Trust: 0.8

ZDI: CVE-2014-0767
value: HIGH

Trust: 0.7

CNVD: CNVD-2014-02244
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201404-173
value: HIGH

Trust: 0.6

IVD: 31a3efa0-1edf-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

IVD: 1681e714-2352-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

VULHUB: VHN-68260
value: HIGH

Trust: 0.1

ics-cert@hq.dhs.gov: CVE-2014-0767
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 3.5

CNVD: CNVD-2014-02244
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 31a3efa0-1edf-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 1681e714-2352-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-68260
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 31a3efa0-1edf-11e6-abef-000c29c66e3d // IVD: 1681e714-2352-11e6-abef-000c29c66e3d // ZDI: ZDI-14-074 // CNVD: CNVD-2014-02244 // VULHUB: VHN-68260 // CNNVD: CNNVD-201404-173 // JVNDB: JVNDB-2014-001978 // NVD: CVE-2014-0767 // NVD: CVE-2014-0767

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

problemtype:CWE-121

Trust: 1.0

sources: VULHUB: VHN-68260 // JVNDB: JVNDB-2014-001978 // NVD: CVE-2014-0767

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201404-173

TYPE

Buffer overflow

Trust: 1.0

sources: IVD: 31a3efa0-1edf-11e6-abef-000c29c66e3d // IVD: 1681e714-2352-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201404-173

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-001978

PATCH
title:Advantech WebAccessurl:http://www.advantech.co.jp/products/GF-1M94V/Advantech-WebAccess/mod_B975C492-56B3-4EBA-8BBB-5B6D3483EE9D.aspx
Trust: 0.8
title:Downloads ::: WebAccess Softwareurl:http://webaccess.advantech.com/downloads.php?item=software
Trust: 0.8
title:Advantech has issued an update to correct this vulnerability.url:https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03
Trust: 0.7
title:Advantech WebAccess AccessCode parameter handling stack buffer overflow vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/44782
Trust: 0.6
sources:
            
            
            ZDI: ZDI-14-074 // 
            
            
            
            CNVD: CNVD-2014-02244 // 
            
            
            
            JVNDB: JVNDB-2014-001978

EXTERNAL IDS
db:NVDid:CVE-2014-0767
Trust: 4.5
db:ICS CERTid:ICSA-14-079-03
Trust: 3.1
db:BIDid:66728
Trust: 2.0
db:CNNVDid:CNNVD-201404-173
Trust: 1.1
db:CNVDid:CNVD-2014-02244
Trust: 1.0
db:BIDid:66740
Trust: 1.0
db:JVNDBid:JVNDB-2014-001978
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-2012
Trust: 0.7
db:ZDIid:ZDI-14-074
Trust: 0.7
db:OSVDBid:105566
Trust: 0.6
db:SECUNIAid:57873
Trust: 0.6
db:IVDid:31A3EFA0-1EDF-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:IVDid:1681E714-2352-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:VULHUBid:VHN-68260
Trust: 0.1
sources:
            
            
            IVD: 31a3efa0-1edf-11e6-abef-000c29c66e3d // 
            
            
            
            IVD: 1681e714-2352-11e6-abef-000c29c66e3d // 
            
            
            
            ZDI: ZDI-14-074 // 
            
            
            
            CNVD: CNVD-2014-02244 // 
            
            
            
            VULHUB: VHN-68260 // 
            
            
            
            BID: 66728 // 
            
            
            
            CNNVD: CNNVD-201404-173 // 
            
            
            
            JVNDB: JVNDB-2014-001978 // 
            
            
            
            NVD: CVE-2014-0767

REFERENCES
url:http://ics-cert.us-cert.gov/advisories/icsa-14-079-03
Trust: 3.8
url:http://www.securityfocus.com/bid/66728
Trust: 1.1
url:http://www.securityfocus.com/bid/66740
Trust: 1.0
url:http://webaccess.advantech.com/
Trust: 1.0
url:https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03
Trust: 1.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0767
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0767
Trust: 0.8
url:http://osvdb.com/show/osvdb/105566
Trust: 0.6
url:http://secunia.com/advisories/57873
Trust: 0.6
sources:
            
            
            ZDI: ZDI-14-074 // 
            
            
            
            CNVD: CNVD-2014-02244 // 
            
            
            
            VULHUB: VHN-68260 // 
            
            
            
            CNNVD: CNNVD-201404-173 // 
            
            
            
            JVNDB: JVNDB-2014-001978 // 
            
            
            
            NVD: CVE-2014-0767

CREDITS
Tom Gallagher
Trust: 0.7
sources:
            
            
            ZDI: ZDI-14-074

SOURCES
db:IVDid:31a3efa0-1edf-11e6-abef-000c29c66e3d
db:IVDid:1681e714-2352-11e6-abef-000c29c66e3d
db:ZDIid:ZDI-14-074
db:CNVDid:CNVD-2014-02244
db:VULHUBid:VHN-68260
db:BIDid:66728
db:CNNVDid:CNNVD-201404-173
db:JVNDBid:JVNDB-2014-001978
db:NVDid:CVE-2014-0767

LAST UPDATE DATE
2025-09-21T23:04:13.842000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-14-074date:2014-04-10T00:00:00
db:CNVDid:CNVD-2014-02244date:2014-04-11T00:00:00
db:VULHUBid:VHN-68260date:2015-07-09T00:00:00
db:BIDid:66728date:2014-04-17T00:40:00
db:CNNVDid:CNNVD-201404-173date:2014-04-15T00:00:00
db:JVNDBid:JVNDB-2014-001978date:2014-04-15T00:00:00
db:NVDid:CVE-2014-0767date:2025-09-19T20:15:37.177

SOURCES RELEASE DATE
db:IVDid:31a3efa0-1edf-11e6-abef-000c29c66e3ddate:2014-04-11T00:00:00
db:IVDid:1681e714-2352-11e6-abef-000c29c66e3ddate:2014-04-11T00:00:00
db:ZDIid:ZDI-14-074date:2014-04-10T00:00:00
db:CNVDid:CNVD-2014-02244date:2014-04-11T00:00:00
db:VULHUBid:VHN-68260date:2014-04-12T00:00:00
db:BIDid:66728date:2014-04-08T00:00:00
db:CNNVDid:CNNVD-201404-173date:2014-04-15T00:00:00
db:JVNDBid:JVNDB-2014-001978date:2014-04-15T00:00:00
db:NVDid:CVE-2014-0767date:2014-04-12T04:37:31.567