Advantech

Webaccess/hmi Designer

12 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2021-33000

  • EPSS 0.48%
  • Published 24.06.2021 18:15:08
  • Last modified 21.11.2024 06:08:06

Parsing a maliciously crafted project file may cause a heap-based buffer overflow, which may allow an attacker to perform arbitrary code execution. User interaction is required on the WebAccess HMI Designer (versions 2.1.9.95 and prior).

7.8

CVE-2021-33002

  • EPSS 0.27%
  • Published 24.06.2021 18:15:08
  • Last modified 21.11.2024 06:08:06

Opening a maliciously crafted project file may cause an out-of-bounds write, which may allow an attacker to execute arbitrary code. User interaction is require on the WebAccess HMI Designer (versions 2.1.9.95 and prior).

7.8

CVE-2021-33004

  • EPSS 0.36%
  • Published 24.06.2021 18:15:08
  • Last modified 21.11.2024 06:08:06

The affected product is vulnerable to memory corruption condition due to lack of proper validation of user supplied files, which may allow an attacker to execute arbitrary code. User interaction is required on the WebAccess HMI Designer (versions 2.1...

7.8

CVE-2020-16207

  • EPSS 2.63%
  • Published 06.08.2020 19:15:13
  • Last modified 21.11.2024 05:06:56

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by opening specially crafted project files that may overflow the heap, which may allow remote code execution, disclosu...

5.5

CVE-2020-16211

  • EPSS 0.17%
  • Published 06.08.2020 19:15:13
  • Last modified 21.11.2024 05:06:56

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. An out-of-bounds read vulnerability may be exploited by processing specially crafted project files, which may allow an attacker to read information.

7.8

CVE-2020-16213

  • EPSS 0.61%
  • Published 06.08.2020 19:15:13
  • Last modified 21.11.2024 05:06:56

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, which may allow remote code exec...

9.3

CVE-2020-16215

  • EPSS 0.84%
  • Published 06.08.2020 19:15:13
  • Last modified 21.11.2024 05:06:57

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause a stack-based buffer overflow, which may allow remote code execution, disclosure/modif...

7.8

CVE-2020-16217

  • EPSS 1.41%
  • Published 06.08.2020 19:15:13
  • Last modified 21.11.2024 05:06:57

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. A double free vulnerability caused by processing specially crafted project files may allow remote code execution, disclosure/modification of information, or cause the application to crash...

7.8

CVE-2020-16229

  • EPSS 1.4%
  • Published 06.08.2020 19:15:13
  • Last modified 21.11.2024 05:06:59

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause a type confusion condition, which may allow remote code execution, disclosure/modifica...

7.5

CVE-2019-16899

  • EPSS 0.33%
  • Published 26.09.2019 01:15:11
  • Last modified 21.11.2024 04:31:18

In Advantech WebAccess/HMI Designer 2.1.9.31, Data from a Faulting Address controls Code Flow starting at PM_V3!CTagInfoThreadBase::GetNICInfo+0x0000000000512918.