CVE-2014-0764
Advantech WebAccess < 7.1 - Remote Code Execution via NodeName Parameter Buffer Overflow
Title source: llmDescription
By providing an overly long string to the NodeName parameter, an attacker may be able to overflow the static stack buffer. The attacker may then execute code on the target device remotely.
References (5)
Core 5
Core References
Third Party Advisory, US Government Resource
http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03
Various Sources
http://webaccess.advantech.com/
Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/66718
Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/66740
Scores
EPSS
0.0118
EPSS Percentile
79.0%
Details
CWE
CWE-119
CWE-121
Status
published
Products (6)
advantech/advantech_webaccess
5.0
advantech/advantech_webaccess
6.0
advantech/advantech_webaccess
7.0
advantech/advantech_webaccess
< 7.1
Advantech/WebAccess
< 7.1
Advantech/WebAccess
7.2
Published
Apr 12, 2014
Tracked Since
Feb 18, 2026