Sign-up

ID

VAR-202106-1204


CVE

CVE-2021-33004


TITLE

Advantech  Made  WebAccess/HMI Designer  Multiple vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2021-001390

DESCRIPTION

The affected product is vulnerable to memory corruption condition due to lack of proper validation of user supplied files, which may allow an attacker to execute arbitrary code. User interaction is required on the WebAccess HMI Designer (versions 2.1.9.95 and prior). Advantech Provided by the company WebAccess/HMI Designer Is Human Machine Interface (HMI) Design software. WebAccess/HMI Designer The following multiple vulnerabilities exist in. * Heap-based buffer overflow (CWE-122) - CVE-2021-33000 ‥ * Out-of-bounds writing (CWE-787) - CVE-2021-33002 ‥ * Buffer error (CWE-119) - CVE-2021-33004 ‥ * Use of freed memory (Use-after-free) (CWE-416) - CVE-2021-42706 ‥ * Cross-site scripting (CWE-79) - CVE-2021-42703The expected impact depends on each vulnerability, but it may be affected as follows. * Project files specially crafted by the attacker (PLF File, SNF File, PM3 File ) Will execute arbitrary code on the system - CVE-2021-33000 , CVE-2021-33002 , CVE-2021-33004 ‥ * Information is stolen or arbitrary code is executed by a third party - CVE-2021-42706 ‥ * Crafted by a remote third party Javascript When the code is sent to the product, it can hijack the user's authentication token, redirect the user to a malicious web page, and perform unintended browser operations. - CVE-2021-42703. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of PLF files. An attacker can leverage this vulnerability to execute code in the context of the current process. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. The product has functions such as data transmission, menu editing and text editing

Trust: 4.77

sources: NVD: CVE-2021-33004 // JVNDB: JVNDB-2021-001390 // ZDI: ZDI-21-489 // ZDI: ZDI-21-441 // ZDI: ZDI-21-442 // ZDI: ZDI-21-490 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-392990

AFFECTED PRODUCTS

vendor:advantechmodel:webaccess/hmi designerscope: - version: -

Trust: 2.8

vendor:advantechmodel:webaccess\/hmi designerscope:lteversion:2.1.9.95

Trust: 1.0

vendor:アドバンテック株式会社model:webaccess/hmiscope:eqversion: -

Trust: 0.8

vendor:アドバンテック株式会社model:webaccess/hmiscope:ltversion:designer v2.1.11.0 earlier s

Trust: 0.8

sources: ZDI: ZDI-21-489 // ZDI: ZDI-21-441 // ZDI: ZDI-21-442 // ZDI: ZDI-21-490 // JVNDB: JVNDB-2021-001390 // NVD: CVE-2021-33004

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2021-33004
value: HIGH

Trust: 2.1

nvd@nist.gov: CVE-2021-33004
value: HIGH

Trust: 1.0

OTHER: JVNDB-2021-001390
value: HIGH

Trust: 0.8

ZDI: ZDI-21-490
value: HIGH

Trust: 0.7

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202106-1539
value: HIGH

Trust: 0.6

VULHUB: VHN-392990
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-33004
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-392990
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

ZDI: CVE-2021-33004
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 2.1

nvd@nist.gov: CVE-2021-33004
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

OTHER: JVNDB-2021-001390
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: ZDI-21-490
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-21-489 // ZDI: ZDI-21-441 // ZDI: ZDI-21-442 // ZDI: ZDI-21-490 // VULHUB: VHN-392990 // JVNDB: JVNDB-2021-001390 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202106-1539 // NVD: CVE-2021-33004

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:CWE-119

Trust: 1.0

problemtype:Heap-based buffer overflow (CWE-122) [ Other ]

Trust: 0.8

problemtype: Out-of-bounds writing (CWE-787) [ Other ]

Trust: 0.8

problemtype: Buffer error (CWE-119) [ Other ]

Trust: 0.8

problemtype: Use of freed memory (CWE-416) [ Other ]

Trust: 0.8

problemtype: Cross-site scripting (CWE-79) [ Other ]

Trust: 0.8

sources: VULHUB: VHN-392990 // JVNDB: JVNDB-2021-001390 // NVD: CVE-2021-33004

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202106-1539

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:Contact Us Advantechurl:https://www.advantech.com/contact

Trust: 0.8

title:Advantech WebAccess HMI Designer Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=154579

Trust: 0.6

sources: JVNDB: JVNDB-2021-001390 // CNNVD: CNNVD-202106-1539

EXTERNAL IDS

db:NVDid:CVE-2021-33004

Trust: 4.6

db:ICS CERTid:ICSA-21-173-01

Trust: 2.5

db:ZDIid:ZDI-21-489

Trust: 1.5

db:ZDIid:ZDI-21-441

Trust: 1.5

db:ZDIid:ZDI-21-442

Trust: 1.5

db:ZDIid:ZDI-21-490

Trust: 1.5

db:JVNid:JVNVU98262671

Trust: 0.8

db:ZDIid:ZDI-21-488

Trust: 0.8

db:ZDIid:ZDI-21-487

Trust: 0.8

db:JVNDBid:JVNDB-2021-001390

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-12274

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-12280

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-12477

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-12276

Trust: 0.7

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:AUSCERTid:ESB-2021.2214

Trust: 0.6

db:CS-HELPid:SB2021062305

Trust: 0.6

db:CNNVDid:CNNVD-202106-1539

Trust: 0.6

db:VULHUBid:VHN-392990

Trust: 0.1

sources: ZDI: ZDI-21-489 // ZDI: ZDI-21-441 // ZDI: ZDI-21-442 // ZDI: ZDI-21-490 // VULHUB: VHN-392990 // JVNDB: JVNDB-2021-001390 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202106-1539 // NVD: CVE-2021-33004

REFERENCES

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-173-01

Trust: 3.1

url:http://jvn.jp/cert/jvnvu98262671

Trust: 0.8

url:https://www.zerodayinitiative.com/advisories/zdi-21-441/

Trust: 0.8

url:https://www.zerodayinitiative.com/advisories/zdi-21-442/

Trust: 0.8

url:https://www.zerodayinitiative.com/advisories/zdi-21-487/

Trust: 0.8

url:https://www.zerodayinitiative.com/advisories/zdi-21-488/

Trust: 0.8

url:https://www.zerodayinitiative.com/advisories/zdi-21-489/

Trust: 0.8

url:https://www.zerodayinitiative.com/advisories/zdi-21-490/

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2214

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021062305

Trust: 0.6

sources: VULHUB: VHN-392990 // JVNDB: JVNDB-2021-001390 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202106-1539 // NVD: CVE-2021-33004

CREDITS

kimiya

Trust: 2.8

sources: ZDI: ZDI-21-489 // ZDI: ZDI-21-441 // ZDI: ZDI-21-442 // ZDI: ZDI-21-490

SOURCES

db:ZDIid:ZDI-21-489
db:ZDIid:ZDI-21-441
db:ZDIid:ZDI-21-442
db:ZDIid:ZDI-21-490
db:VULHUBid:VHN-392990
db:JVNDBid:JVNDB-2021-001390
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202106-1539
db:NVDid:CVE-2021-33004

LAST UPDATE DATE

2024-08-14T12:52:44.739000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-21-489date:2021-06-24T00:00:00
db:ZDIid:ZDI-21-441date:2021-06-23T00:00:00
db:ZDIid:ZDI-21-442date:2021-06-24T00:00:00
db:ZDIid:ZDI-21-490date:2021-04-28T00:00:00
db:VULHUBid:VHN-392990date:2022-07-02T00:00:00
db:JVNDBid:JVNDB-2021-001390date:2021-11-12T05:12:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202106-1539date:2022-07-04T00:00:00
db:NVDid:CVE-2021-33004date:2022-07-02T18:15:59.403

SOURCES RELEASE DATE

db:ZDIid:ZDI-21-489date:2021-06-24T00:00:00
db:ZDIid:ZDI-21-441date:2021-04-27T00:00:00
db:ZDIid:ZDI-21-442date:2021-06-24T00:00:00
db:ZDIid:ZDI-21-490date:2021-04-28T00:00:00
db:VULHUBid:VHN-392990date:2021-06-24T00:00:00
db:JVNDBid:JVNDB-2021-001390date:2021-05-13T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202106-1539date:2021-06-22T00:00:00
db:NVDid:CVE-2021-33004date:2021-06-24T18:15:08.920