CVE-2017-12719

HIGH

Advantech WebAccess <V8.2_20170817 - Code Injection

Title source: llm

Description

An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A remote attacker is able to execute code to dereference a pointer within the program causing the application to become unavailable.

References (2)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/101685

[Third Party Advisory, US Government Resource] https://ics-cert.us-cert.gov/advisories/ICSA-17-306-02

Scores

CVSS v3 7.5

EPSS 0.0187

EPSS Percentile 83.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476 CWE-822

Status published

Products (2)

advantech/webaccess < 8.2_20170817

n/a/Advantech WebAccess Advantech WebAccess

Published Nov 06, 2017

Tracked Since Feb 18, 2026