Advantech

Webaccess Hmi Designer

6 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2021-42703

  • EPSS 0.17%
  • Published 15.11.2021 15:15:06
  • Last modified 21.11.2024 06:28:00

This vulnerability could allow an attacker to send malicious Javascript code resulting in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage, and performing unintended browser action.

7.8

CVE-2021-42706

  • EPSS 0.05%
  • Published 15.11.2021 14:15:07
  • Last modified 21.11.2024 06:28:00

This vulnerability could allow an attacker to disclose information and execute arbitrary code on affected installations of WebAccess/MHI Designer

8.8

CVE-2019-10961

  • EPSS 0.82%
  • Published 02.08.2019 17:15:14
  • Last modified 21.11.2024 04:20:15

In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution.

7.8

CVE-2018-8833

  • EPSS 0.78%
  • Published 25.04.2018 23:29:00
  • Last modified 21.11.2024 04:14:24

Heap-based buffer overflow vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution.

7.8

CVE-2018-8835

  • EPSS 0.35%
  • Published 25.04.2018 23:29:00
  • Last modified 21.11.2024 04:14:25

Double free vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution.

7.8

CVE-2018-8837

  • EPSS 0.35%
  • Published 25.04.2018 23:29:00
  • Last modified 21.11.2024 04:14:25

Processing specially crafted .pm3 files in Advantech WebAccess HMI Designer 2.1.7.32 and prior may cause the system to write outside the intended buffer area and may allow remote code execution.