CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-16215

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause a stack-based buffer overflow, which may allow remote code execution, disclosure/modification of information, or cause the application to crash.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.7%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 9.3

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-219-02
https://www.zerodayinitiative.com/advisories/ZDI-20-953/
https://us-cert.cisa.gov/ics/advisories/icsa-20-219-02
https://www.zerodayinitiative.com/advisories/ZDI-20-953/

Products affected by CVE-2020-16215

Advantech » Webaccess/hmi Designer » Version: N/A

cpe:2.3:a:advantech:webaccess/hmi_designer:-
Advantech » Webaccess/hmi Designer » Version: 2.1

cpe:2.3:a:advantech:webaccess/hmi_designer:2.1
Advantech » Webaccess/hmi Designer » Version: 2.1.9.31

cpe:2.3:a:advantech:webaccess/hmi_designer:2.1.9.31

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-16215

Products

Pricing

Contact Us