CVE-2014-0772

2014-04-1201:00:00

icscert

www.cve.org

6.4 Medium

AI Score

Confidence

Low

0.022 Low

EPSS

Percentile

89.6%

JSON

The OpenUrlToBufferTimeout method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a file: URL.

References

ics-cert.us-cert.gov/advisories/ICSA-14-079-03