CVE-2020-16213

EPSS 3.0%CWE-787

Vexday Risk Score

3Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS —EPSS 3.0%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

06 ago 2020Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, which may allow remote code execution, disclosure/modification of information, or cause the application to crash.

Productos afectados

n/a · Advantech WebAccess HMI Designer

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://us-cert.cisa.gov/ics/advisories/icsa-20-219-02 https://www.zerodayinitiative.com/advisories/ZDI-20-956/