Intrusion Prevention

Advantech.WebAccess.SCADA.webvact.OCX.Buffer.Overflow

Description

This indicates an attack attempt against a Buffer Overflow vulnerability in the Advantech WebAccess SCADA.
The vulnerability, which is located in the "webvact.ocx" ActiveX control, can be exploited through a vulnerable method. An attacker can exploit this by tricking an unsuspecting user into visiting a malicious webpage and execute arbitrary code within the context of the targeted users' browser.

Affected Products

Advantech WebAccess prior to 7.2

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the latest update from the vendor.
http://webaccess.advantech.com/downloads.php?item=software

CVE References

CVE-2014-0767