CVE-2014-0768
Advantech WebAccess < 7.1 - Remote Code Execution via AccessCode2 Argument Buffer Overflow
Title source: llmDescription
An attacker may pass an overly long value from the AccessCode2 argument to the control to overflow the static stack buffer. The attacker may then remotely execute arbitrary code.
References (5)
Core 5
Core References
Various Sources
http://webaccess.advantech.com/
Third Party Advisory, US Government Resource
http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03
Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/66732
Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/66740
Scores
EPSS
0.0118
EPSS Percentile
79.0%
Details
CWE
CWE-119
CWE-121
Status
published
Products (6)
advantech/advantech_webaccess
5.0
advantech/advantech_webaccess
6.0
advantech/advantech_webaccess
7.0
advantech/advantech_webaccess
< 7.1
Advantech/WebAccess
< 7.1
Advantech/WebAccess
7.2
Published
Apr 12, 2014
Tracked Since
Feb 18, 2026