Lucene search
K

The vulnerability of the GetUserPasswd function in the BwPAlarm.dll library of the Advantech WebAccess remote monitoring software allows a intruder to execute arbitrary code.

🗓️ 29 Oct 2019 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec
🔗 bdu.fstec.ru👁 5 Views

GetUserPasswd bug in Advantech WebAccess BwPAlarm.dll allows arbitrary code execution via 70603 control code due to improper buffer validation.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
CNVD
Advantech WebAccess/SCADA Buffer Overflow Vulnerability (CNVD-2019-32466)
11 Sep 201900:00
cnvd
Check Point Advisories
Advantech WebAccess SCADA Stack-based Buffer Overflow (CVE-2019-3975; CVE-2019-3951)
17 Feb 202000:00
checkpoint_advisories
CVE
CVE-2019-3975
10 Sep 201915:55
cve
Cvelist
CVE-2019-3975
10 Sep 201915:55
cvelist
NVD
CVE-2019-3975
10 Sep 201916:15
nvd
OSV
CVE-2019-3975
10 Sep 201916:15
osv
Prion
Stack overflow
10 Sep 201916:15
prion
RedhatCVE
CVE-2019-3975
22 May 202505:09
redhatcve
Tenable Nessus
Advantech WebAccess webvprcs IOCTL 70603 Stack Overflow
24 Sep 201900:00
nessus
Vulners

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

29 Oct 2019 00:00Current
6Medium risk
Vulners AI Score6
CVSS 27.5
CVSS 39.8
EPSS0.04568
5