ID

VAR-201404-0547


CVE

CVE-2014-0772


TITLE

Advantech WebAccess bwocxrun.ocx OpenUrlToBufferTimeout Method Arbitrary File Access Vulnerability

Trust: 1.2

sources: IVD: 719091cc-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf371-463f-11e9-a294-000c29342cb1 // IVD: 16660ba2-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-02266

DESCRIPTION

The BWOCXRUN.BwocxrunCtrl.1 ActiveX control (bwocxrun.ocx) exposes a method named OpenUrlToBufferTimeout. The method takes a URL as a parameter, fetches it, and returns the response body to the calling JavaScript. The fetch runs in the security context of the current browser session, and the control performs no validation of the URL: file:// URLs that read the local disk are accepted, as is any other URL the browser can reach. Page script can therefore use the control to read arbitrary local files, and any resource reachable from the victim's browser, and exfiltrate the contents. This allows remote attackers to access arbitrary files on vulnerable installations of Advantech WebAccess. User interaction is required: the target must visit a malicious page or open a malicious file. Advantech WebAccess HMI/SCADA is HMI/SCADA software that supports dynamic graphic display and real-time data control and provides remote control and management of automation equipment. Advantech WebAccess is prone to an information-disclosure vulnerability; an attacker can exploit this issue to gain access to sensitive information, which may lead to further attacks. Advantech WebAccess 7.1 and prior are vulnerable.

Trust: 3.69

sources: NVD: CVE-2014-0772 // JVNDB: JVNDB-2014-001982 // ZDI: ZDI-14-138 // CNVD: CNVD-2014-02266 // BID: 66749 // IVD: 719091cc-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf371-463f-11e9-a294-000c29342cb1 // IVD: 16660ba2-2352-11e6-abef-000c29c66e3d // VULHUB: VHN-68265
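The flaw described above is a missing URL gate in front of a fetch-and-return-to-script primitive. The block below is an added example, not Advantech code and not the real control: it models the vulnerable pass-through beside the check a hardened control would apply (scheme allow-list, no embedded credentials, origin allow-list). The function names, the allowed origin and the RESOURCES map are constructed stand-ins; nothing here calls bwocxrun.ocx.

```javascript
// Added example, not Advantech code. The RESOURCES map is a constructed
// stand-in for everything the victim's browser can reach: a local file on
// the HMI workstation plus two web origins. Function names are illustrative.
const RESOURCES = {
  'file:///C:/WebAccess/config.ini': '[db]\npassword=hunter2\n',
  'http://webaccess.local/status': 'OK',
  'http://intranet.local/report': 'internal report',
};

function lookup(href) {
  return Object.prototype.hasOwnProperty.call(RESOURCES, href) ? RESOURCES[href] : null;
}

// Vulnerable behaviour as the advisory describes it: the URL is used as-is,
// so page script can read file:// URLs and any origin the browser can reach.
function openUrlToBufferVulnerable(url) {
  return lookup(url);
}

// Hardened gate: parse with the WHATWG URL parser (which normalises scheme
// and host case and drops default ports), accept only http/https, reject
// embedded credentials (user@host tricks), and require the origin
// (scheme + host + port) to be on an explicit allow-list.
function isAllowedUrl(raw, allowedOrigins) {
  let u;
  try {
    u = new URL(raw);
  } catch (e) {
    return false; // unparsable input is rejected, never passed through
  }
  if (u.protocol !== 'http:' && u.protocol !== 'https:') return false;
  if (u.username !== '' || u.password !== '') return false;
  return allowedOrigins.includes(u.origin);
}

// Same primitive with the gate in front. The lookup uses the normalised
// href so that case or default-port variants resolve to one resource.
function openUrlToBufferHardened(url, allowedOrigins) {
  if (!isAllowedUrl(url, allowedOrigins)) {
    throw new Error('URL not permitted: ' + url);
  }
  return lookup(new URL(url).href);
}

// Classify a list of probe URLs against an allow-list; returns
// { url: 'ALLOW' | 'BLOCK' } so the verdicts can be inspected or asserted.
function classify(urls, allowedOrigins) {
  const out = {};
  for (const p of urls) {
    out[p] = isAllowedUrl(p, allowedOrigins) ? 'ALLOW' : 'BLOCK';
  }
  return out;
}

// Probe set covering the bypasses a reviewer would try against the gate.
const PROBES = [
  'file:///C:/WebAccess/config.ini',          // local disk read
  'http://webaccess.local/status',            // legitimate HMI resource
  'HTTP://WebAccess.LOCAL:80/status',         // same origin, different spelling
  'http://intranet.local/report',             // other origin the browser can reach
  'http://webaccess.local@intranet.local/report', // credentials-in-URL trick
  'http://webaccess.local:8080/status',       // same host, different port
  'http://webaccess.local.attacker.example/', // suffix-matching trap
  'javascript:alert(1)',                      // non-http scheme
];
```

Usage: `classify(PROBES, ['http://webaccess.local'])` allows only the two webaccess.local spellings and blocks everything else; `openUrlToBufferVulnerable('file:///C:/WebAccess/config.ini')` returns the file body, while `openUrlToBufferHardened` throws for the same input. Comparing origins rather than doing string-prefix checks on the raw URL is what defeats the credential, port and suffix variants.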

IOT TAXONOMY

category: ['ICS'] | sub_category: -

Trust: 1.2

sources: IVD: 719091cc-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf371-463f-11e9-a294-000c29342cb1 // IVD: 16660ba2-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-02266

AFFECTED PRODUCTS

vendor: advantech | model: webaccess | scope: eq | version: 5.0

Trust: 1.6

vendor: advantech | model: webaccess | scope: eq | version: 7.0

Trust: 1.6

vendor: advantech | model: webaccess | scope: eq | version: 6.0

Trust: 1.6

vendor: advantech | model: webaccess | scope: eq | version: 7.1

Trust: 1.2

vendor: advantech | model: webaccess | scope: lte | version: 7.1

Trust: 1.0

vendor: advantech | model: webaccess | scope: lt | version: 7.2

Trust: 0.8

vendor: advantech | model: webaccess | scope: - | version: -

Trust: 0.7

vendor: advantech webaccess | model: - | scope: eq | version: 5.0

Trust: 0.6

vendor: advantech webaccess | model: - | scope: eq | version: 6.0

Trust: 0.6

vendor: advantech webaccess | model: - | scope: eq | version: 7.0

Trust: 0.6

vendor: advantech webaccess | model: - | scope: eq | version: *

Trust: 0.6

sources: IVD: 719091cc-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf371-463f-11e9-a294-000c29342cb1 // IVD: 16660ba2-2352-11e6-abef-000c29c66e3d // ZDI: ZDI-14-138 // CNVD: CNVD-2014-02266 // CNNVD: CNNVD-201404-177 // JVNDB: JVNDB-2014-001982 // NVD: CVE-2014-0772

CVSS

SEVERITY

CVSSV2

CVSSV3

ics-cert@hq.dhs.gov: CVE-2014-0772
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2014-0772
value: MEDIUM

Trust: 1.0

NVD: CVE-2014-0772
value: MEDIUM

Trust: 0.8

ZDI: CVE-2014-0772
value: MEDIUM

Trust: 0.7

CNVD: CNVD-2014-02266
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201404-177
value: MEDIUM

Trust: 0.6

IVD: 719091cc-1edf-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: 7d7bf371-463f-11e9-a294-000c29342cb1
value: MEDIUM

Trust: 0.2

IVD: 16660ba2-2352-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULHUB: VHN-68265
value: MEDIUM

Trust: 0.1

ics-cert@hq.dhs.gov: CVE-2014-0772
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 3.5

CNVD: CNVD-2014-02266
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 719091cc-1edf-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 7d7bf371-463f-11e9-a294-000c29342cb1
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 16660ba2-2352-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-68265
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 719091cc-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf371-463f-11e9-a294-000c29342cb1 // IVD: 16660ba2-2352-11e6-abef-000c29c66e3d // ZDI: ZDI-14-138 // CNVD: CNVD-2014-02266 // VULHUB: VHN-68265 // CNNVD: CNNVD-201404-177 // JVNDB: JVNDB-2014-001982 // NVD: CVE-2014-0772

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

problemtype:CWE-538

Trust: 1.0

sources: VULHUB: VHN-68265 // JVNDB: JVNDB-2014-001982 // NVD: CVE-2014-0772

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201404-177

TYPE

Information leakage

Trust: 0.6

sources: IVD: 719091cc-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf371-463f-11e9-a294-000c29342cb1 // IVD: 16660ba2-2352-11e6-abef-000c29c66e3d

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-001982

PATCH

title: Downloads ::: WebAccess Software | url: http://webaccess.advantech.com/downloads.php?item=software

Trust: 0.8

title: Advantech WebAccess | url: http://www.advantech.co.jp/products/GF-1M94V/Advantech-WebAccess/mod_B975C492-56B3-4EBA-8BBB-5B6D3483EE9D.aspx

Trust: 0.8

title: Advantech has issued an update to correct this vulnerability. | url: https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03

Trust: 0.7

title: Advantech WebAccess bwocxrun.ocx OpenUrlToBufferTimeout method patch for arbitrary file access vulnerability | url: https://www.cnvd.org.cn/patchInfo/show/44790

Trust: 0.6

sources: ZDI: ZDI-14-138 // CNVD: CNVD-2014-02266 // JVNDB: JVNDB-2014-001982

EXTERNAL IDS

db: NVD | id: CVE-2014-0772

Trust: 4.7

db: ICS CERT | id: ICSA-14-079-03

Trust: 3.1

db: CNNVD | id: CNNVD-201404-177

Trust: 1.3

db: CNVD | id: CNVD-2014-02266

Trust: 1.2

db: BID | id: 66749

Trust: 1.0

db: BID | id: 66740

Trust: 1.0

db: JVNDB | id: JVNDB-2014-001982

Trust: 0.8

db: ZDI_CAN | id: ZDI-CAN-2094

Trust: 0.7

db: ZDI | id: ZDI-14-138

Trust: 0.7

db: OSVDB | id: 105570

Trust: 0.6

db: SECUNIA | id: 57873

Trust: 0.6

db: IVD | id: 719091CC-1EDF-11E6-ABEF-000C29C66E3D

Trust: 0.2

db: IVD | id: 7D7BF371-463F-11E9-A294-000C29342CB1

Trust: 0.2

db: IVD | id: 16660BA2-2352-11E6-ABEF-000C29C66E3D

Trust: 0.2

db: VULHUB | id: VHN-68265

Trust: 0.1

sources: IVD: 719091cc-1edf-11e6-abef-000c29c66e3d // IVD: 7d7bf371-463f-11e9-a294-000c29342cb1 // IVD: 16660ba2-2352-11e6-abef-000c29c66e3d // ZDI: ZDI-14-138 // CNVD: CNVD-2014-02266 // VULHUB: VHN-68265 // BID: 66749 // CNNVD: CNNVD-201404-177 // JVNDB: JVNDB-2014-001982 // NVD: CVE-2014-0772

REFERENCES

url:http://ics-cert.us-cert.gov/advisories/icsa-14-079-03

Trust: 3.8

url:http://www.securityfocus.com/bid/66740

Trust: 1.0

url:http://webaccess.advantech.com/

Trust: 1.0

url:https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0772

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0772

Trust: 0.8

url:http://osvdb.com/show/osvdb/105570

Trust: 0.6

url:http://secunia.com/advisories/57873

Trust: 0.6

sources: ZDI: ZDI-14-138 // CNVD: CNVD-2014-02266 // VULHUB: VHN-68265 // CNNVD: CNNVD-201404-177 // JVNDB: JVNDB-2014-001982 // NVD: CVE-2014-0772

CREDITS

Anonymous

Trust: 0.7

sources: ZDI: ZDI-14-138

SOURCES

db: IVD | id: 719091cc-1edf-11e6-abef-000c29c66e3d
db: IVD | id: 7d7bf371-463f-11e9-a294-000c29342cb1
db: IVD | id: 16660ba2-2352-11e6-abef-000c29c66e3d
db: ZDI | id: ZDI-14-138
db: CNVD | id: CNVD-2014-02266
db: VULHUB | id: VHN-68265
db: BID | id: 66749
db: CNNVD | id: CNNVD-201404-177
db: JVNDB | id: JVNDB-2014-001982
db: NVD | id: CVE-2014-0772

LAST UPDATE DATE

2025-09-21T23:04:13.955000+00:00


SOURCES UPDATE DATE

db: ZDI | id: ZDI-14-138 | date: 2014-05-19T00:00:00
db: CNVD | id: CNVD-2014-02266 | date: 2014-04-11T00:00:00
db: VULHUB | id: VHN-68265 | date: 2014-04-14T00:00:00
db: BID | id: 66749 | date: 2014-05-22T17:54:00
db: CNNVD | id: CNNVD-201404-177 | date: 2014-04-15T00:00:00
db: JVNDB | id: JVNDB-2014-001982 | date: 2014-04-15T00:00:00
db: NVD | id: CVE-2014-0772 | date: 2025-09-19T20:15:37.850

SOURCES RELEASE DATE

db: IVD | id: 719091cc-1edf-11e6-abef-000c29c66e3d | date: 2014-04-11T00:00:00
db: IVD | id: 7d7bf371-463f-11e9-a294-000c29342cb1 | date: 2014-04-11T00:00:00
db: IVD | id: 16660ba2-2352-11e6-abef-000c29c66e3d | date: 2014-04-11T00:00:00
db: ZDI | id: ZDI-14-138 | date: 2014-05-19T00:00:00
db: CNVD | id: CNVD-2014-02266 | date: 2014-04-11T00:00:00
db: VULHUB | id: VHN-68265 | date: 2014-04-12T00:00:00
db: BID | id: 66749 | date: 2014-04-08T00:00:00
db: CNNVD | id: CNNVD-201404-177 | date: 2014-04-15T00:00:00
db: JVNDB | id: JVNDB-2014-001982 | date: 2014-04-15T00:00:00
db: NVD | id: CVE-2014-0772 | date: 2014-04-12T04:37:31.673