ID

VAR-201404-0546


CVE

CVE-2014-0771


TITLE

Advantech WebAccess bwocxrun.ocx Arbitrary File Access Vulnerability

Trust: 1.2

sources: IVD: 7271c1ce-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf370-463f-11e9-80e2-000c29342cb1 // IVD: 166da128-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-02264

DESCRIPTION

The BWOCXRUN.BwocxrunCtrl.1 control contains a method named “OpenUrlToBuffer.” This method takes a URL as a parameter and returns its contents to the caller in JavaScript. The URLs are accessed in the security context of the current browser session. The control does not perform any URL validation and allows “file://” URLs that access the local disk. The method can be used to open a URL (including file URLs) and read file URLs through JavaScript. This method could also be used to reach any arbitrary URL to which the browser has access. This vulnerability allows remote attackers to access arbitrary files on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the bwocxrun.ocx control. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment.

Trust: 3.69

sources: NVD: CVE-2014-0771 // JVNDB: JVNDB-2014-001981 // ZDI: ZDI-14-137 // CNVD: CNVD-2014-02264 // BID: 66750 // IVD: 7271c1ce-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf370-463f-11e9-80e2-000c29342cb1 // IVD: 166da128-2352-11e6-abef-000c29c66e3d // VULHUB: VHN-68264

IOT TAXONOMY

category: ['ICS'], sub_category: -

Trust: 1.2

sources: IVD: 7271c1ce-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf370-463f-11e9-80e2-000c29342cb1 // IVD: 166da128-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-02264

AFFECTED PRODUCTS

vendor: advantech, model: webaccess, scope: eq, version: 5.0

Trust: 1.6

vendor: advantech, model: webaccess, scope: eq, version: 7.0

Trust: 1.6

vendor: advantech, model: webaccess, scope: eq, version: 6.0

Trust: 1.6

vendor: advantech, model: webaccess, scope: eq, version: 7.1

Trust: 1.2

vendor: advantech, model: webaccess, scope: lte, version: 7.1

Trust: 1.0

vendor: advantech, model: webaccess, scope: lt, version: 7.2

Trust: 0.8

vendor: advantech, model: webaccess, scope: -, version: -

Trust: 0.7

vendor: advantech webaccess, model: -, scope: eq, version: 5.0

Trust: 0.6

vendor: advantech webaccess, model: -, scope: eq, version: 6.0

Trust: 0.6

vendor: advantech webaccess, model: -, scope: eq, version: 7.0

Trust: 0.6

vendor: advantech webaccess, model: -, scope: eq, version: *

Trust: 0.6

sources: IVD: 7271c1ce-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf370-463f-11e9-80e2-000c29342cb1 // IVD: 166da128-2352-11e6-abef-000c29c66e3d // ZDI: ZDI-14-137 // CNVD: CNVD-2014-02264 // CNNVD: CNNVD-201404-176 // JVNDB: JVNDB-2014-001981 // NVD: CVE-2014-0771

CVSS

SEVERITY

CVSSV2

CVSSV3

ics-cert@hq.dhs.gov: CVE-2014-0771
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2014-0771
value: MEDIUM

Trust: 1.0

NVD: CVE-2014-0771
value: MEDIUM

Trust: 0.8

ZDI: CVE-2014-0771
value: MEDIUM

Trust: 0.7

CNVD: CNVD-2014-02264
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201404-176
value: MEDIUM

Trust: 0.6

IVD: 7271c1ce-1edf-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: 7d7bf370-463f-11e9-80e2-000c29342cb1
value: MEDIUM

Trust: 0.2

IVD: 166da128-2352-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULHUB: VHN-68264
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2014-0771
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 2.5

ics-cert@hq.dhs.gov: CVE-2014-0771
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2014-02264
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 7271c1ce-1edf-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 7d7bf370-463f-11e9-80e2-000c29342cb1
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 166da128-2352-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-68264
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 7271c1ce-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf370-463f-11e9-80e2-000c29342cb1 // IVD: 166da128-2352-11e6-abef-000c29c66e3d // ZDI: ZDI-14-137 // CNVD: CNVD-2014-02264 // VULHUB: VHN-68264 // CNNVD: CNNVD-201404-176 // JVNDB: JVNDB-2014-001981 // NVD: CVE-2014-0771 // NVD: CVE-2014-0771

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

problemtype:CWE-538

Trust: 1.0

sources: VULHUB: VHN-68264 // JVNDB: JVNDB-2014-001981 // NVD: CVE-2014-0771

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201404-176

TYPE

Information leakage

Trust: 0.6

sources: IVD: 7271c1ce-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf370-463f-11e9-80e2-000c29342cb1 // IVD: 166da128-2352-11e6-abef-000c29c66e3d

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-001981

PATCH

title: Downloads ::: WebAccess Software, url: http://webaccess.advantech.com/downloads.php?item=software

Trust: 0.8

title: Advantech WebAccess, url: http://www.advantech.co.jp/products/GF-1M94V/Advantech-WebAccess/mod_B975C492-56B3-4EBA-8BBB-5B6D3483EE9D.aspx

Trust: 0.8

title: Advantech has issued an update to correct this vulnerability., url: https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03

Trust: 0.7

title: Advantech WebAccess bwocxrun.ocx patch for arbitrary file access vulnerabilities, url: https://www.cnvd.org.cn/patchInfo/show/44788

Trust: 0.6

title: AdvantechWebAccessCHNNode_2014.03.03_3.3.1, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49251

Trust: 0.6

sources: ZDI: ZDI-14-137 // CNVD: CNVD-2014-02264 // CNNVD: CNNVD-201404-176 // JVNDB: JVNDB-2014-001981

EXTERNAL IDS

db: NVD, id: CVE-2014-0771

Trust: 4.7

db: ICS CERT, id: ICSA-14-079-03

Trust: 3.1

db: CNNVD, id: CNNVD-201404-176

Trust: 1.3

db: CNVD, id: CNVD-2014-02264

Trust: 1.2

db: BID, id: 66750

Trust: 1.0

db: BID, id: 66740

Trust: 1.0

db: JVNDB, id: JVNDB-2014-001981

Trust: 0.8

db: ZDI_CAN, id: ZDI-CAN-2093

Trust: 0.7

db: ZDI, id: ZDI-14-137

Trust: 0.7

db: OSVDB, id: 105569

Trust: 0.6

db: SECUNIA, id: 57873

Trust: 0.6

db: IVD, id: 7271C1CE-1EDF-11E6-ABEF-000C29C66E3D

Trust: 0.2

db: IVD, id: 7D7BF370-463F-11E9-80E2-000C29342CB1

Trust: 0.2

db: IVD, id: 166DA128-2352-11E6-ABEF-000C29C66E3D

Trust: 0.2

db: VULHUB, id: VHN-68264

Trust: 0.1

sources: IVD: 7271c1ce-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf370-463f-11e9-80e2-000c29342cb1 // IVD: 166da128-2352-11e6-abef-000c29c66e3d // ZDI: ZDI-14-137 // CNVD: CNVD-2014-02264 // VULHUB: VHN-68264 // BID: 66750 // CNNVD: CNNVD-201404-176 // JVNDB: JVNDB-2014-001981 // NVD: CVE-2014-0771

REFERENCES

url:http://ics-cert.us-cert.gov/advisories/icsa-14-079-03

Trust: 3.8

url:http://www.securityfocus.com/bid/66740

Trust: 1.0

url:http://webaccess.advantech.com/

Trust: 1.0

url:https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0771

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0771

Trust: 0.8

url:http://osvdb.com/show/osvdb/105569

Trust: 0.6

url:http://secunia.com/advisories/57873

Trust: 0.6

sources: ZDI: ZDI-14-137 // CNVD: CNVD-2014-02264 // VULHUB: VHN-68264 // CNNVD: CNNVD-201404-176 // JVNDB: JVNDB-2014-001981 // NVD: CVE-2014-0771

CREDITS

Anonymous

Trust: 0.7

sources: ZDI: ZDI-14-137

SOURCES

db: IVD, id: 7271c1ce-1edf-11e6-abef-000c29c66e3d
db: IVD, id: 7d7bf370-463f-11e9-80e2-000c29342cb1
db: IVD, id: 166da128-2352-11e6-abef-000c29c66e3d
db: ZDI, id: ZDI-14-137
db: CNVD, id: CNVD-2014-02264
db: VULHUB, id: VHN-68264
db: BID, id: 66750
db: CNNVD, id: CNNVD-201404-176
db: JVNDB, id: JVNDB-2014-001981
db: NVD, id: CVE-2014-0771

LAST UPDATE DATE

2025-09-21T23:04:14.221000+00:00


SOURCES UPDATE DATE

db: ZDI, id: ZDI-14-137, date: 2014-05-19T00:00:00
db: CNVD, id: CNVD-2014-02264, date: 2014-04-11T00:00:00
db: VULHUB, id: VHN-68264, date: 2014-04-14T00:00:00
db: BID, id: 66750, date: 2014-04-08T00:00:00
db: CNNVD, id: CNNVD-201404-176, date: 2014-04-15T00:00:00
db: JVNDB, id: JVNDB-2014-001981, date: 2014-04-15T00:00:00
db: NVD, id: CVE-2014-0771, date: 2025-09-19T20:15:37.683

SOURCES RELEASE DATE

db: IVD, id: 7271c1ce-1edf-11e6-abef-000c29c66e3d, date: 2014-04-11T00:00:00
db: IVD, id: 7d7bf370-463f-11e9-80e2-000c29342cb1, date: 2014-04-11T00:00:00
db: IVD, id: 166da128-2352-11e6-abef-000c29c66e3d, date: 2014-04-11T00:00:00
db: ZDI, id: ZDI-14-137, date: 2014-05-19T00:00:00
db: CNVD, id: CNVD-2014-02264, date: 2014-04-11T00:00:00
db: VULHUB, id: VHN-68264, date: 2014-04-12T00:00:00
db: BID, id: 66750, date: 2014-04-08T00:00:00
db: CNNVD, id: CNNVD-201404-176, date: 2014-04-15T00:00:00
db: JVNDB, id: JVNDB-2014-001981, date: 2014-04-15T00:00:00
db: NVD, id: CVE-2014-0771, date: 2014-04-12T04:37:31.643