CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-10961

In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.4%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

https://www.us-cert.gov/ics/advisories/icsa-19-213-01
https://www.zerodayinitiative.com/advisories/ZDI-19-691/
https://www.us-cert.gov/ics/advisories/icsa-19-213-01
https://www.zerodayinitiative.com/advisories/ZDI-19-691/

Products affected by CVE-2019-10961

Advantech » Webaccess Hmi Designer » Version: N/A

cpe:2.3:a:advantech:webaccess_hmi_designer:-
Advantech » Webaccess Hmi Designer » Version: 2.1.7.32

cpe:2.3:a:advantech:webaccess_hmi_designer:2.1.7.32

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-10961

Products

Pricing

Contact Us