Advantech.WebAccess.Datacore.Heap.Overflow

description-logoDescription

This indicates an attempt to exploit a Heap Overflow vulnerability in Advantech WebAccess.
The vulnerability is caused by a bounds-checking error while calling the strcpy() function in datacore.exe. It allows remote attackers to execute arbitrary code by sending overly long strings within an RPC request.

affected-products-logoAffected Products

Advantech WebAccess 8.1 and prior

Impact logoImpact

System compromise: Remote code execution.

recomended-action-logoRecommended Actions

Currently we are unaware of any official fix for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-06-10 14.629 Severity:high:critical