CVE-2014-0767
Advantech WebAccess < 7.1 - Remote Code Execution via AccessCode Argument Buffer Overflow
Title source: llmDescription
An attacker may exploit this vulnerability by passing an overly long value from the AccessCode argument to the control. This will overflow the static stack buffer. The attacker may then execute code on the target device remotely.
References (5)
Core 5
Core References
Various Sources
http://webaccess.advantech.com/
Third Party Advisory, US Government Resource
http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03
Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/66728
Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/66740
Scores
EPSS
0.0118
EPSS Percentile
79.0%
Details
CWE
CWE-119
CWE-121
Status
published
Products (6)
advantech/advantech_webaccess
5.0
advantech/advantech_webaccess
6.0
advantech/advantech_webaccess
7.0
advantech/advantech_webaccess
< 7.1
Advantech/WebAccess
< 7.1
Advantech/WebAccess
7.2
Published
Apr 12, 2014
Tracked Since
Feb 18, 2026