Details of VAR-201404-0545

ID

VAR-201404-0545

CVE

CVE-2014-0770

TITLE

Advantech WebAccess Vulnerable to stack-based buffer overflow

Trust: 0.8

sources: JVNDB: JVNDB-2014-001980

DESCRIPTION

By providing an overly long string to the UserName parameter, an attacker may be able to overflow the static stack buffer. The attacker may then execute code on the target device remotely. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the webvact.ocx ActiveX Control. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess fails to properly filter user input when processing NodeName parameters, allowing remote attackers to exploit vulnerabilities to submit special parameters that trigger stack buffer overflows, allowing applications to crash or execute arbitrary code. Advantech WebAccess is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed attempts will likely cause a denial-of-service condition. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There is a stack-based buffer overflow vulnerability in Advantech WebAccess 7.1 and earlier versions

Trust: 3.69

sources: NVD: CVE-2014-0770 // JVNDB: JVNDB-2014-001980 // ZDI: ZDI-14-075 // CNVD: CNVD-2014-02260 // BID: 66733 // IVD: 2da7cf70-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf372-463f-11e9-9061-000c29342cb1 // IVD: 1673fa5a-2352-11e6-abef-000c29c66e3d // VULHUB: VHN-68263

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 1.2

sources: IVD: 2da7cf70-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf372-463f-11e9-9061-000c29342cb1 // IVD: 1673fa5a-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-02260

AFFECTED PRODUCTS

vendor:	advantech	model:	webaccess	scope:	eq	version:	5.0	Trust: 1.6
vendor:	advantech	model:	webaccess	scope:	eq	version:	7.0	Trust: 1.6
vendor:	advantech	model:	webaccess	scope:	eq	version:	6.0	Trust: 1.6
vendor:	advantech	model:	webaccess	scope:	eq	version:	7.1	Trust: 1.2
vendor:	advantech	model:	webaccess	scope:	lte	version:	7.1	Trust: 1.0
vendor:	advantech	model:	webaccess	scope:	lt	version:	7.2	Trust: 0.8
vendor:	advantech	model:	webaccess	scope:	-	version:	-	Trust: 0.7
vendor:	advantech webaccess	model:	-	scope:	eq	version:	5.0	Trust: 0.6
vendor:	advantech webaccess	model:	-	scope:	eq	version:	6.0	Trust: 0.6
vendor:	advantech webaccess	model:	-	scope:	eq	version:	7.0	Trust: 0.6
vendor:	advantech webaccess	model:	-	scope:	eq	version:	*	Trust: 0.6
vendor:	advantech	model:	broadwin webaccess	scope:	eq	version:	7.1	Trust: 0.3
vendor:	advantech	model:	broadwin webaccess	scope:	eq	version:	7.0	Trust: 0.3
vendor:	advantech	model:	broadwin webaccess	scope:	ne	version:	7.2	Trust: 0.3

sources: IVD: 2da7cf70-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf372-463f-11e9-9061-000c29342cb1 // IVD: 1673fa5a-2352-11e6-abef-000c29c66e3d // ZDI: ZDI-14-075 // CNVD: CNVD-2014-02260 // BID: 66733 // CNNVD: CNNVD-201404-175 // JVNDB: JVNDB-2014-001980 // NVD: CVE-2014-0770

CVSS

SEVERITY

CVSSV2

CVSSV3

ics-cert@hq.dhs.gov:	CVE-2014-0770
value:	HIGH
Trust: 1.0
nvd@nist.gov:	CVE-2014-0770
value:	HIGH
Trust: 1.0
NVD:	CVE-2014-0770
value:	HIGH
Trust: 0.8
ZDI:	CVE-2014-0770
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2014-02260
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201404-175
value:	HIGH
Trust: 0.6
IVD:	2da7cf70-1edf-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2
IVD:	7d7bf372-463f-11e9-9061-000c29342cb1
value:	HIGH
Trust: 0.2
IVD:	1673fa5a-2352-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2
VULHUB:	VHN-68263
value:	HIGH
Trust: 0.1

ics-cert@hq.dhs.gov:	CVE-2014-0770
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 3.5
CNVD:	CNVD-2014-02260
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	2da7cf70-1edf-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	7d7bf372-463f-11e9-9061-000c29342cb1
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	1673fa5a-2352-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-68263
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: 2da7cf70-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf372-463f-11e9-9061-000c29342cb1 // IVD: 1673fa5a-2352-11e6-abef-000c29c66e3d // ZDI: ZDI-14-075 // CNVD: CNVD-2014-02260 // VULHUB: VHN-68263 // CNNVD: CNNVD-201404-175 // JVNDB: JVNDB-2014-001980 // NVD: CVE-2014-0770 // NVD: CVE-2014-0770

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.9
problemtype:	CWE-121	Trust: 1.0

sources: VULHUB: VHN-68263 // JVNDB: JVNDB-2014-001980 // NVD: CVE-2014-0770

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201404-175

TYPE

Buffer overflow

Trust: 1.2

sources: IVD: 2da7cf70-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf372-463f-11e9-9061-000c29342cb1 // IVD: 1673fa5a-2352-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201404-175

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-001980

PATCH

title:	Downloads ::: WebAccess Software	url:	http://webaccess.advantech.com/downloads.php?item=software	Trust: 0.8
title:	Advantech WebAccess	url:	http://www.advantech.co.jp/products/GF-1M94V/Advantech-WebAccess/mod_B975C492-56B3-4EBA-8BBB-5B6D3483EE9D.aspx	Trust: 0.8
title:	Advantech has issued an update to correct this vulnerability.	url:	https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03	Trust: 0.7
title:	Patch for Advantech WebAccess NodeName parameter handling stack buffer overflow vulnerability (CNVD-2014-02260)	url:	https://www.cnvd.org.cn/patchInfo/show/44785	Trust: 0.6

sources: ZDI: ZDI-14-075 // CNVD: CNVD-2014-02260 // JVNDB: JVNDB-2014-001980

EXTERNAL IDS

db:	NVD	id:	CVE-2014-0770	Trust: 4.7
db:	ICS CERT	id:	ICSA-14-079-03	Trust: 3.4
db:	CNNVD	id:	CNNVD-201404-175	Trust: 1.3
db:	CNVD	id:	CNVD-2014-02260	Trust: 1.2
db:	BID	id:	66733	Trust: 1.0
db:	BID	id:	66740	Trust: 1.0
db:	JVNDB	id:	JVNDB-2014-001980	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-2014	Trust: 0.7
db:	ZDI	id:	ZDI-14-075	Trust: 0.7
db:	OSVDB	id:	105568	Trust: 0.6
db:	SECUNIA	id:	57873	Trust: 0.6
db:	IVD	id:	2DA7CF70-1EDF-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	IVD	id:	7D7BF372-463F-11E9-9061-000C29342CB1	Trust: 0.2
db:	IVD	id:	1673FA5A-2352-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	VULHUB	id:	VHN-68263	Trust: 0.1

sources: IVD: 2da7cf70-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf372-463f-11e9-9061-000c29342cb1 // IVD: 1673fa5a-2352-11e6-abef-000c29c66e3d // ZDI: ZDI-14-075 // CNVD: CNVD-2014-02260 // VULHUB: VHN-68263 // BID: 66733 // CNNVD: CNNVD-201404-175 // JVNDB: JVNDB-2014-001980 // NVD: CVE-2014-0770

REFERENCES

url:	http://ics-cert.us-cert.gov/advisories/icsa-14-079-03	Trust: 3.8
url:	http://www.securityfocus.com/bid/66740	Trust: 1.0
url:	http://webaccess.advantech.com/	Trust: 1.0
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03	Trust: 1.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0770	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0770	Trust: 0.8
url:	http://osvdb.com/show/osvdb/105568	Trust: 0.6
url:	http://secunia.com/advisories/57873	Trust: 0.6
url:	http://webaccess.advantech.com	Trust: 0.3
url:	http://advantech.vo.llnwd.net/o35/www/webaccess/webaccess_v7.2_beta_version/webaccessversion7.2.htm	Trust: 0.3
url:	ics-cert.us-cert.gov/advisories/icsa-14-079-03	Trust: 0.3

sources: ZDI: ZDI-14-075 // CNVD: CNVD-2014-02260 // VULHUB: VHN-68263 // BID: 66733 // CNNVD: CNNVD-201404-175 // JVNDB: JVNDB-2014-001980 // NVD: CVE-2014-0770

CREDITS

Tom Gallagher

Trust: 0.7

sources: ZDI: ZDI-14-075

SOURCES

db:	IVD	id:	2da7cf70-1edf-11e6-abef-000c29c66e3d
db:	IVD	id:	7d7bf372-463f-11e9-9061-000c29342cb1
db:	IVD	id:	1673fa5a-2352-11e6-abef-000c29c66e3d
db:	ZDI	id:	ZDI-14-075
db:	CNVD	id:	CNVD-2014-02260
db:	VULHUB	id:	VHN-68263
db:	BID	id:	66733
db:	CNNVD	id:	CNNVD-201404-175
db:	JVNDB	id:	JVNDB-2014-001980
db:	NVD	id:	CVE-2014-0770

LAST UPDATE DATE

2025-09-21T23:04:13.788000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-14-075	date:	2014-04-10T00:00:00
db:	CNVD	id:	CNVD-2014-02260	date:	2014-04-14T00:00:00
db:	VULHUB	id:	VHN-68263	date:	2014-04-14T00:00:00
db:	BID	id:	66733	date:	2014-04-08T00:00:00
db:	CNNVD	id:	CNNVD-201404-175	date:	2014-04-15T00:00:00
db:	JVNDB	id:	JVNDB-2014-001980	date:	2014-04-15T00:00:00
db:	NVD	id:	CVE-2014-0770	date:	2025-09-19T20:15:37.500

SOURCES RELEASE DATE

db:	IVD	id:	2da7cf70-1edf-11e6-abef-000c29c66e3d	date:	2014-04-11T00:00:00
db:	IVD	id:	7d7bf372-463f-11e9-9061-000c29342cb1	date:	2014-04-11T00:00:00
db:	IVD	id:	1673fa5a-2352-11e6-abef-000c29c66e3d	date:	2014-04-11T00:00:00
db:	ZDI	id:	ZDI-14-075	date:	2014-04-10T00:00:00
db:	CNVD	id:	CNVD-2014-02260	date:	2014-04-11T00:00:00
db:	VULHUB	id:	VHN-68263	date:	2014-04-12T00:00:00
db:	BID	id:	66733	date:	2014-04-08T00:00:00
db:	CNNVD	id:	CNNVD-201404-175	date:	2014-04-15T00:00:00
db:	JVNDB	id:	JVNDB-2014-001980	date:	2014-04-15T00:00:00
db:	NVD	id:	CVE-2014-0770	date:	2014-04-12T04:37:31.627