Detections
Analytics
Advantech WebAccess webvact ActiveX Multiple Buffer Overflow Vulnerabilities
high Nessus Plugin ID 73646
Language:
Synopsis
The remote host has an ActiveX control installed that is affected by multiple buffer overflow vulnerabilities.Description
The remote host has an ActiveX control installed that is affected by multiple buffer overflow vulnerabilities. These vulnerabilities could allow a remote attacker to execute arbitrary code by tricking a user into opening a specially crafted web page.Solution
Upgrade to Advantech WebAccess version 7.2 or higher.Plugin Details
Severity: High
ID: 73646
File Name: scada_advantech_webvact_activex.nbin
Version: 1.276
Type: local
Family: SCADA
Published: 4/14/2014
Updated: 11/12/2024
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.2
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2014-0768
Vulnerability Information
CPE: cpe:/a:advantech:webaccess
Required KB Items: SMB/Registry/Enumerated
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 3/3/2014
Vulnerability Publication Date: 4/8/2014
Exploitable With
Core Impact
Reference Information
CVE: CVE-2014-0764, CVE-2014-0765, CVE-2014-0766, CVE-2014-0767, CVE-2014-0768
BID: 66718, 66722, 66725, 66728, 66732
ICSA: 14-079-03