CVE-2014-2364

Advantech WebAccess < 7.2 - Remote Code Execution via Long String in ActiveX Control Parameters

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2014-2364. PoCs published by Metasploit, Unknown, juan vazquez, including Metasploit module exploits/windows/browser/advantech_webaccess_dvs_getcolor.

AI-analyzed exploit summary This Metasploit module exploits a buffer overflow vulnerability in Advantech WebAccess's dvs.ocx ActiveX control via the GetColor function, achieving remote code execution on vulnerable Windows systems.

Description

Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/34757

View Code ZIP pw:eip

This Metasploit module exploits a buffer overflow vulnerability in Advantech WebAccess's dvs.ocx ActiveX control via the GetColor function, achieving remote code execution on vulnerable Windows systems.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Advantech WebAccess dvs.ocx ActiveX control

No auth needed

Prerequisites: Vulnerable version of Advantech WebAccess with dvs.ocx ActiveX control · Internet Explorer (versions < 10) on Windows

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC NORMAL

by Unknown, juan vazquez · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/advantech_webaccess_dvs_getcolor.rb

View Code ZIP pw:eip

This Metasploit module exploits a buffer overflow vulnerability in Advantech WebAccess's dvs.ocx ActiveX control via the GetColor function, leveraging a dangerous sprintf call with user-controlled data. It uses ROP gadgets from ijl11.dll to achieve remote code execution on vulnerable Windows systems.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: Advantech WebAccess dvs.ocx ActiveX control

No auth needed

Prerequisites: Vulnerable version of Advantech WebAccess with dvs.ocx ActiveX control · Internet Explorer (versions < 10) on Windows

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (5)

Core 5

Core References

Exploit x_refsource_misc

http://packetstormsecurity.com/files/128384/Advantech-WebAccess-dvs.ocx-GetColor-Buffer-Overflow.html

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/68714

Third Party Advisory, US Government Resource

http://ics-cert.us-cert.gov/advisories/ICSA-14-198-02

Various Sources

http://webaccess.advantech.com/

Third Party Advisory, US Government Resource

https://www.cisa.gov/news-events/ics-advisories/icsa-14-198-02

Scores

EPSS 0.6138

EPSS Percentile 99.0%

Details

CWE

CWE-119 CWE-121

Status published

Products (6)

advantech/advantech_webaccess 5.0

advantech/advantech_webaccess 6.0

advantech/advantech_webaccess 7.0

advantech/advantech_webaccess < 7.1

Advantech/WebAccess < 7.1

Advantech/WebAccess 7.2

Published Jul 19, 2014

Tracked Since Feb 18, 2026