CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
95.9%
The remote host is running a version of Advantech WebAccess 7.2 prior to version 7.2-2014.07.30 It is, therefore, affected by multiple vulnerabilities :
An overflow condition exists in the webvact.ocx ActiveX control due to improper validation of user-supplied input when handling the ‘NodeName’ parameter. A remote, unauthenticated attacker can exploit this to cause a stack-based buffer overflow, potentially allowing the execution of arbitrary code. (CVE-2014-0985)
An overflow condition exists in the webvact.ocx ActiveX control due to improper validation of user-supplied input when handling the ‘GotoCmd’ parameter. A remote, unauthenticated attacker can exploit this to cause a stack-based buffer overflow, potentially allowing the execution of arbitrary code. (CVE-2014-0986)
An overflow condition exists in the webvact.ocx ActiveX control due to improper validation of user-supplied input when handling the ‘NodeName2’ parameter. A remote, unauthenticated attacker can exploit this to cause a stack-based buffer overflow, potentially allowing the execution of arbitrary code. (CVE-2014-0987)
An overflow condition exists in the webvact.ocx ActiveX control due to improper validation of user-supplied input when handling the ‘AccessCode’ parameter. A remote, unauthenticated attacker can exploit this to cause a stack-based buffer overflow, potentially allowing the execution of arbitrary code.
(CVE-2014-0988)
An overflow condition exists in the webvact.ocx ActiveX control due to improper validation of user-supplied input when handling the ‘AccessCode2’ parameter. A remote, unauthenticated attacker can exploit this to cause a stack-based buffer overflow, potentially allowing the execution of arbitrary code.
(CVE-2014-0989)
An overflow condition exists in the webvact.ocx ActiveX control due to improper validation of user-supplied input when handling the ‘UserName’ parameter. A remote, unauthenticated attacker can exploit this to cause a stack-based buffer overflow, potentially allowing the execution of arbitrary code. (CVE-2014-0990)
An overflow condition exists in an unspecified ActiveX control due to improper validation of user-supplied input when handling the ‘projectname’ parameter. A remote, unauthenticated attacker can exploit this to cause a stack-based buffer overflow, potentially allowing the execution of arbitrary code.
(CVE-2014-0991)
An overflow condition exists in an unspecified ActiveX control due to improper validation of user-supplied input when handling the ‘password’ parameter. A remote, unauthenticated attacker can exploit this to cause a stack-based buffer overflow, potentially allowing the execution of arbitrary code. (CVE-2014-0992)
Binary data scada_advantech_webaccess_7_2_2014_07_30.nbin
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0985
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0986
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0987
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0988
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0989
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0990
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0991
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0992
www.nessus.org/u?32c8d148
ics-cert.us-cert.gov/advisories/ICSA-14-261-01