Lucene search
PRIOn knowledge basePRION:CVE-2014-0773HistoryApr 12, 2014 - 4:37 a.m.
Design/Logic Flaw
2014-04-1204:37:00
PRIOn knowledge base
www.prio-n.com
4
The CreateProcess method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to execute (1) setup.exe, (2) bwvbprt.exe, and (3) bwvbprtl.exe programs from arbitrary pathnames via a crafted argument, as demonstrated by a UNC share pathname.
| CPE | Name | Operator | Version |
|---|---|---|---|
| advantech_webaccess | eq | 6.0 | |
| advantech_webaccess | eq | 7.0 | |
| advantech_webaccess | le | 7.1 | |
| advantech_webaccess | eq | 5.0 |
Related
checkpoint_advisories
checkpoint_advisories
Advantech WebAccess SCADA bwocxrun.ocx Command Execution (CVE-2014-0773)
2014-05-14 00:00:00
cvelist
cvelist
CVE-2014-0773
2014-04-12 01:00:00
seebug
seebug
Advantech WebAccess bwocxrun.ocx CreateProcessζΉζ³θΏη¨ε½δ»€ζ§θ‘ζΌζ΄
2014-04-15 00:00:00
cve
cve
CVE-2014-0773
2014-04-12 04:37:31
nvd
nvd
CVE-2014-0773
2014-04-12 04:37:31
zdi
zdi
nessus
nessus
Advantech WebAccess Multiple BWOCXRUN.OCX ActiveX Vulnerabilities
2014-04-14 00:00:00
Advantech WebAccess < 7.2-2013.11.14 Multiple Vulnerabilities
2015-08-17 00:00:00
Advantech WebAccess < 7.2-2013.11.14 Multiple Vulnerabilities
2017-02-14 00:00:00
openvas
openvas
Advantech WebAccess Multiple Vulnerabilities
2014-04-16 00:00:00
ics
ics
Advantech WebAccess Vulnerabilities
2018-09-06 12:00:00