Advantech.WebAccess.Datacore.Heap.Overflow
Description
This indicates an attempt to exploit a Heap Overflow vulnerability in Advantech WebAccess.
The vulnerability is caused by a bounds-checking error while calling the strcpy() function in datacore.exe. It allows remote attackers to execute arbitrary code by sending overly long strings within an RPC request.
Affected Products
Advantech WebAccess 8.1 and prior
Impact
System compromise: Remote code execution.
Recommended Actions
Currently we are unaware of any official fix for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-06-10 | 14.629 | Severity:high:critical |