CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-16229

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause a type confusion condition, which may allow remote code execution, disclosure/modification of information, or cause the application to crash.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 79.6%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-219-02
https://www.zerodayinitiative.com/advisories/ZDI-20-954/
https://us-cert.cisa.gov/ics/advisories/icsa-20-219-02
https://www.zerodayinitiative.com/advisories/ZDI-20-954/

Products affected by CVE-2020-16229

Advantech » Webaccess/hmi Designer » Version: N/A

cpe:2.3:a:advantech:webaccess/hmi_designer:-
Advantech » Webaccess/hmi Designer » Version: 2.1

cpe:2.3:a:advantech:webaccess/hmi_designer:2.1
Advantech » Webaccess/hmi Designer » Version: 2.1.9.31

cpe:2.3:a:advantech:webaccess/hmi_designer:2.1.9.31

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-16229

Products

Pricing

Contact Us