Details of VAR-201404-0543

ID

VAR-201404-0543

CVE

CVE-2014-0768

TITLE

Advantech WebAccess Vulnerable to stack-based buffer overflow

Trust: 0.8

sources: JVNDB: JVNDB-2014-001979

DESCRIPTION

An attacker may pass an overly long value from the AccessCode2 argument to the control to overflow the static stack buffer. The attacker may then remotely execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the webvact.ocx ActiveX Control. The control does not check the length of an attacker-supplied AccessCode2 string before copying it into a fixed length buffer on the stack. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess fails to properly filter user input when processing Username parameters, allowing remote attackers to exploit vulnerabilities to submit special parameters that trigger stack buffer overflows, allowing applications to crash or execute arbitrary code. Advantech WebAccess is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed attempts will likely cause a denial-of-service condition. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There is a stack-based buffer overflow vulnerability in Advantech WebAccess 7.1 and earlier versions

Trust: 3.51

sources: NVD: CVE-2014-0768 // JVNDB: JVNDB-2014-001979 // ZDI: ZDI-14-116 // CNVD: CNVD-2014-02245 // BID: 66732 // IVD: 3013e55a-1edf-11e6-abef-000c29c66e3d // IVD: 167bb862-2352-11e6-abef-000c29c66e3d // VULHUB: VHN-68261

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 1.0

sources: IVD: 3013e55a-1edf-11e6-abef-000c29c66e3d // IVD: 167bb862-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-02245

AFFECTED PRODUCTS

vendor:	advantech	model:	webaccess	scope:	eq	version:	5.0	Trust: 1.6
vendor:	advantech	model:	webaccess	scope:	eq	version:	7.0	Trust: 1.6
vendor:	advantech	model:	webaccess	scope:	eq	version:	6.0	Trust: 1.6
vendor:	advantech	model:	webaccess	scope:	eq	version:	7.1	Trust: 1.2
vendor:	advantech	model:	webaccess	scope:	lte	version:	7.1	Trust: 1.0
vendor:	advantech	model:	webaccess	scope:	lt	version:	7.2	Trust: 0.8
vendor:	advantech	model:	webaccess	scope:	-	version:	-	Trust: 0.7
vendor:	advantech webaccess	model:	-	scope:	eq	version:	5.0	Trust: 0.4
vendor:	advantech webaccess	model:	-	scope:	eq	version:	6.0	Trust: 0.4
vendor:	advantech webaccess	model:	-	scope:	eq	version:	7.0	Trust: 0.4
vendor:	advantech webaccess	model:	-	scope:	eq	version:	*	Trust: 0.4
vendor:	advantech	model:	broadwin webaccess	scope:	eq	version:	7.0	Trust: 0.3

sources: IVD: 3013e55a-1edf-11e6-abef-000c29c66e3d // IVD: 167bb862-2352-11e6-abef-000c29c66e3d // ZDI: ZDI-14-116 // CNVD: CNVD-2014-02245 // BID: 66732 // CNNVD: CNNVD-201404-174 // JVNDB: JVNDB-2014-001979 // NVD: CVE-2014-0768

CVSS

SEVERITY

CVSSV2

CVSSV3

ics-cert@hq.dhs.gov:	CVE-2014-0768
value:	HIGH
Trust: 1.0
nvd@nist.gov:	CVE-2014-0768
value:	HIGH
Trust: 1.0
NVD:	CVE-2014-0768
value:	HIGH
Trust: 0.8
ZDI:	CVE-2014-0768
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2014-02245
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201404-174
value:	HIGH
Trust: 0.6
IVD:	3013e55a-1edf-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2
IVD:	167bb862-2352-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2
VULHUB:	VHN-68261
value:	HIGH
Trust: 0.1

ics-cert@hq.dhs.gov:	CVE-2014-0768
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 3.5
CNVD:	CNVD-2014-02245
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	3013e55a-1edf-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	167bb862-2352-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-68261
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: 3013e55a-1edf-11e6-abef-000c29c66e3d // IVD: 167bb862-2352-11e6-abef-000c29c66e3d // ZDI: ZDI-14-116 // CNVD: CNVD-2014-02245 // VULHUB: VHN-68261 // CNNVD: CNNVD-201404-174 // JVNDB: JVNDB-2014-001979 // NVD: CVE-2014-0768 // NVD: CVE-2014-0768

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.9
problemtype:	CWE-121	Trust: 1.0

sources: VULHUB: VHN-68261 // JVNDB: JVNDB-2014-001979 // NVD: CVE-2014-0768

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201404-174

TYPE

Buffer overflow

Trust: 1.0

sources: IVD: 3013e55a-1edf-11e6-abef-000c29c66e3d // IVD: 167bb862-2352-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201404-174

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-001979

PATCH

title:	Advantech WebAccess	url:	http://www.advantech.co.jp/products/GF-1M94V/Advantech-WebAccess/mod_B975C492-56B3-4EBA-8BBB-5B6D3483EE9D.aspx	Trust: 0.8
title:	Downloads ::: WebAccess Software	url:	http://webaccess.advantech.com/downloads.php?item=software	Trust: 0.8
title:	Advantech has issued an update to correct this vulnerability.	url:	https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03	Trust: 0.7
title:	Advantech WebAccess userName parameter handles patch buffer overflow vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/44784	Trust: 0.6

sources: ZDI: ZDI-14-116 // CNVD: CNVD-2014-02245 // JVNDB: JVNDB-2014-001979

EXTERNAL IDS

db:	NVD	id:	CVE-2014-0768	Trust: 4.5
db:	ICS CERT	id:	ICSA-14-079-03	Trust: 3.1
db:	BID	id:	66732	Trust: 2.0
db:	CNNVD	id:	CNNVD-201404-174	Trust: 1.1
db:	CNVD	id:	CNVD-2014-02245	Trust: 1.0
db:	BID	id:	66740	Trust: 1.0
db:	JVNDB	id:	JVNDB-2014-001979	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-2013	Trust: 0.7
db:	ZDI	id:	ZDI-14-116	Trust: 0.7
db:	OSVDB	id:	105567	Trust: 0.6
db:	SECUNIA	id:	57873	Trust: 0.6
db:	IVD	id:	3013E55A-1EDF-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	IVD	id:	167BB862-2352-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	VULHUB	id:	VHN-68261	Trust: 0.1

sources: IVD: 3013e55a-1edf-11e6-abef-000c29c66e3d // IVD: 167bb862-2352-11e6-abef-000c29c66e3d // ZDI: ZDI-14-116 // CNVD: CNVD-2014-02245 // VULHUB: VHN-68261 // BID: 66732 // CNNVD: CNNVD-201404-174 // JVNDB: JVNDB-2014-001979 // NVD: CVE-2014-0768

REFERENCES

url:	http://ics-cert.us-cert.gov/advisories/icsa-14-079-03	Trust: 3.8
url:	http://www.securityfocus.com/bid/66732	Trust: 1.1
url:	http://www.securityfocus.com/bid/66740	Trust: 1.0
url:	http://webaccess.advantech.com/	Trust: 1.0
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03	Trust: 1.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0768	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0768	Trust: 0.8
url:	http://osvdb.com/show/osvdb/105567	Trust: 0.6
url:	http://secunia.com/advisories/57873	Trust: 0.6

sources: ZDI: ZDI-14-116 // CNVD: CNVD-2014-02245 // VULHUB: VHN-68261 // CNNVD: CNNVD-201404-174 // JVNDB: JVNDB-2014-001979 // NVD: CVE-2014-0768

CREDITS

Tom Gallagher

Trust: 0.7

sources: ZDI: ZDI-14-116

SOURCES

db:	IVD	id:	3013e55a-1edf-11e6-abef-000c29c66e3d
db:	IVD	id:	167bb862-2352-11e6-abef-000c29c66e3d
db:	ZDI	id:	ZDI-14-116
db:	CNVD	id:	CNVD-2014-02245
db:	VULHUB	id:	VHN-68261
db:	BID	id:	66732
db:	CNNVD	id:	CNNVD-201404-174
db:	JVNDB	id:	JVNDB-2014-001979
db:	NVD	id:	CVE-2014-0768

LAST UPDATE DATE

2025-09-21T23:04:14.113000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-14-116	date:	2014-04-24T00:00:00
db:	CNVD	id:	CNVD-2014-02245	date:	2014-04-11T00:00:00
db:	VULHUB	id:	VHN-68261	date:	2015-07-09T00:00:00
db:	BID	id:	66732	date:	2014-09-03T14:26:00
db:	CNNVD	id:	CNNVD-201404-174	date:	2014-04-15T00:00:00
db:	JVNDB	id:	JVNDB-2014-001979	date:	2014-04-15T00:00:00
db:	NVD	id:	CVE-2014-0768	date:	2025-09-19T20:15:37.343

SOURCES RELEASE DATE

db:	IVD	id:	3013e55a-1edf-11e6-abef-000c29c66e3d	date:	2014-04-11T00:00:00
db:	IVD	id:	167bb862-2352-11e6-abef-000c29c66e3d	date:	2014-04-11T00:00:00
db:	ZDI	id:	ZDI-14-116	date:	2014-04-24T00:00:00
db:	CNVD	id:	CNVD-2014-02245	date:	2014-04-11T00:00:00
db:	VULHUB	id:	VHN-68261	date:	2014-04-12T00:00:00
db:	BID	id:	66732	date:	2014-04-08T00:00:00
db:	CNNVD	id:	CNNVD-201404-174	date:	2014-04-15T00:00:00
db:	JVNDB	id:	JVNDB-2014-001979	date:	2014-04-15T00:00:00
db:	NVD	id:	CVE-2014-0768	date:	2014-04-12T04:37:31.597