cvelistv5 - CVE-2019-10991

Source	URL	Tags
ics-cert@hq.dhs.gov	https://www.us-cert.gov/ics/advisories/icsa-19-178-05	Third Party Advisory, US Government Resource
ics-cert@hq.dhs.gov	https://www.zerodayinitiative.com/advisories/ZDI-19-586/	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	https://www.zerodayinitiative.com/advisories/ZDI-19-588/	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	https://www.zerodayinitiative.com/advisories/ZDI-19-589/	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	https://www.zerodayinitiative.com/advisories/ZDI-19-592/	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	https://www.zerodayinitiative.com/advisories/ZDI-19-594/	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	https://www.zerodayinitiative.com/advisories/ZDI-19-619/	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	https://www.zerodayinitiative.com/advisories/ZDI-19-620/	Third Party Advisory, VDB Entry

Vendor	Product
WebAccess	WebAccess/SCADA

icsa-19-178-05

Vulnerability from csaf_cisa

Published

2019-06-27 00:00

Modified

2019-06-27 00:00

Summary

Advantech WebAccess/SCADA

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of these vulnerabilities may allow information disclosure, deletion of files, and remote code execution.

Critical infrastructure sectors

Critical Manufacturing, Energy, Water and Wastewater Systems

Countries/areas deployed

East Asia, United States, Europe

Company headquarters location

Taiwan

Recommended Practices

NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.

Recommended Practices

NCCIC also recommends that users take the following measures to protect themselves from social engineering attacks:

Exploitability

No known public exploits specifically target these vulnerabilities.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Mat Powell",
          "Natnael Samson (@NattiSamson)",
          "EljahLG"
        ],
        "organization": "Trend Micro \u0027s Zero Day Initiative (ZDI)",
        "summary": "reporting these vulnerabilities to NCCIC"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities may allow information disclosure, deletion of files, and remote code execution.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Critical Manufacturing, Energy, Water and Wastewater Systems",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "East Asia, United States, Europe",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Taiwan",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nNCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC also recommends that users take the following measures to protect themselves from social engineering attacks:",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-19-178-05 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-178-05.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-19-178-05 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-178-05"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.us-cert.gov/cas/tips/ST04-014.html"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "Advantech WebAccess/SCADA",
    "tracking": {
      "current_release_date": "2019-06-27T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-19-178-05",
      "initial_release_date": "2019-06-27T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2019-06-27T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-19-178-05 Advantech WebAccess/SCADA "
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 8.3.5",
                "product": {
                  "name": "WebAccess/SCADA: Versions 8.3.5 and prior",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "WebAccess/SCADA"
          }
        ],
        "category": "vendor",
        "name": "Advantech"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-10985",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator.CVE-2019-10985 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-10985"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Advantech has released Version 8.4.1 of WebAccess/SCADA to address the reported vulnerabilities. ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.advantech.com/support/DownloadSRDetail_New.aspx?SR_ID=1-MS9MJV\u0026Doc_Source=Download"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2019-10991",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.CVE-2019-10991 has been assigned to these vulnerabilities. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-10991"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Advantech has released Version 8.4.1 of WebAccess/SCADA to address the reported vulnerabilities. ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.advantech.com/support/DownloadSRDetail_New.aspx?SR_ID=1-MS9MJV\u0026Doc_Source=Download"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2019-10989",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Multiple heap-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.CVE-2019-10989 has been assigned to these vulnerabilities. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-10989"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Advantech has released Version 8.4.1 of WebAccess/SCADA to address the reported vulnerabilities. ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.advantech.com/support/DownloadSRDetail_New.aspx?SR_ID=1-MS9MJV\u0026Doc_Source=Download"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2019-10983",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read vulnerability is caused by a lack of proper validation of user-supplied data. Exploitation of this vulnerability may allow disclosure of information.CVE-2019-10983 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-10983"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Advantech has released Version 8.4.1 of WebAccess/SCADA to address the reported vulnerabilities. ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.advantech.com/support/DownloadSRDetail_New.aspx?SR_ID=1-MS9MJV\u0026Doc_Source=Download"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2019-10987",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Multiple out-of-bounds write vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.CVE-2019-10987 has been assigned to these vulnerabilities. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-10987"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Advantech has released Version 8.4.1 of WebAccess/SCADA to address the reported vulnerabilities. ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.advantech.com/support/DownloadSRDetail_New.aspx?SR_ID=1-MS9MJV\u0026Doc_Source=Download"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2019-10993",
      "cwe": {
        "id": "CWE-822",
        "name": "Untrusted Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code.CVE-2019-10993 has been assigned to these vulnerabilities. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-10993"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Advantech has released Version 8.4.1 of WebAccess/SCADA to address the reported vulnerabilities. ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.advantech.com/support/DownloadSRDetail_New.aspx?SR_ID=1-MS9MJV\u0026Doc_Source=Download"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

var-201906-1028

Vulnerability from variot

In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. WebAccess/SCADA Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x271C IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following security vulnerabilities: 1. A directory-traversal vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. Multiple heap-based buffer-overflow vulnerabilities 4. An information disclosure vulnerability 5. Multiple remote-code execution vulnerabilities An attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences (â??../â??) to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks. Advantech WebAccess/SCADA Versions 8.3.5 and prior versions are vulnerable

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201906-1028",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "webaccess",
        "scope": null,
        "trust": 4.9,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.3.5"
      },
      {
        "model": "webaccess/scada",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.5"
      },
      {
        "model": "webaccess/scada",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3.5"
      },
      {
        "model": "webaccess/scada",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3.4"
      },
      {
        "model": "webaccess/scada",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3.2"
      },
      {
        "model": "webaccess/scada",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "model": "webaccess/scada",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "model": "webaccess/scada",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.0"
      },
      {
        "model": "webaccess/scada",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "model": "webaccess/scada",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.4.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "917426ff-7065-403b-bd4d-431e7d3751d4"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-620"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-586"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-588"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-589"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-592"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-594"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-619"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32472"
      },
      {
        "db": "BID",
        "id": "108923"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005813"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10991"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.3.5",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10991"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Mat Powell of Trend Micro Zero Day Initiative",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-19-620"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-588"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-589"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-592"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-619"
      }
    ],
    "trust": 3.5
  },
  "cve": "CVE-2019-10991",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2019-10991",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2019-32472",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "917426ff-7065-403b-bd4d-431e7d3751d4",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-142593",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "ZDI",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-10991",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 4.9,
            "userInteraction": "NONE",
            "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2019-10991",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2019-10991",
            "trust": 4.9,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-10991",
            "trust": 1.8,
            "value": "CRITICAL"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-32472",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201906-1075",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "917426ff-7065-403b-bd4d-431e7d3751d4",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142593",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "917426ff-7065-403b-bd4d-431e7d3751d4"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-620"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-586"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-588"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-589"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-592"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-594"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-619"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32472"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142593"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005813"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10991"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-1075"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. WebAccess/SCADA Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x271C IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following security vulnerabilities:\n1. A directory-traversal vulnerability\n2. Multiple stack-based buffer-overflow vulnerabilities\n3. Multiple heap-based buffer-overflow vulnerabilities\n4. An information disclosure vulnerability\n5. Multiple remote-code execution vulnerabilities\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences (\u00e2??../\u00e2??) to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks. \nAdvantech WebAccess/SCADA Versions 8.3.5 and prior versions are vulnerable",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10991"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005813"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-620"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-586"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-588"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-589"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-592"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-594"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-619"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32472"
      },
      {
        "db": "BID",
        "id": "108923"
      },
      {
        "db": "IVD",
        "id": "917426ff-7065-403b-bd4d-431e7d3751d4"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142593"
      }
    ],
    "trust": 7.11
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-10991",
        "trust": 8.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-178-05",
        "trust": 2.8
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-620",
        "trust": 2.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-586",
        "trust": 2.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-588",
        "trust": 2.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-589",
        "trust": 2.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-592",
        "trust": 2.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-594",
        "trust": 2.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-619",
        "trust": 2.4
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-1075",
        "trust": 0.9
      },
      {
        "db": "BID",
        "id": "108923",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32472",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005813",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-8191",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-7951",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-8063",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-8064",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-7906",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-8117",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-8189",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.2350",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "917426FF-7065-403B-BD4D-431E7D3751D4",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-142593",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "917426ff-7065-403b-bd4d-431e7d3751d4"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-620"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-586"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-588"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-589"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-592"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-594"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-619"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32472"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142593"
      },
      {
        "db": "BID",
        "id": "108923"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005813"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10991"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-1075"
      }
    ]
  },
  "id": "VAR-201906-1028",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "917426ff-7065-403b-bd4d-431e7d3751d4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32472"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142593"
      }
    ],
    "trust": 1.44565702
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "917426ff-7065-403b-bd4d-431e7d3751d4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32472"
      }
    ]
  },
  "last_update_date": "2023-12-18T11:59:58.353000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 4.9,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
      },
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "https://www.advantech.co.jp/industrial-automation/webaccess"
      },
      {
        "title": "Patch for Advantech WebAccess/SCADA Buffer Overflow Vulnerability (CNVD-2019-32472)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/181485"
      },
      {
        "title": "Advantech WebAccess/SCADA Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=94178"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-19-620"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-586"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-588"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-589"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-592"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-594"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-619"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32472"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005813"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-1075"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-787",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-119",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142593"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005813"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10991"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 7.7,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
      },
      {
        "trust": 2.3,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-620/"
      },
      {
        "trust": 2.0,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10991"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-586/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-588/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-589/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-592/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-594/"
      },
      {
        "trust": 1.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-619/"
      },
      {
        "trust": 0.9,
        "url": "http://webaccess.advantech.com"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10991"
      },
      {
        "trust": 0.6,
        "url": "https://www.securityfocus.com/bid/108923"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.2350/"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-19-620"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-586"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-588"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-589"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-592"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-594"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-619"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32472"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142593"
      },
      {
        "db": "BID",
        "id": "108923"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005813"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10991"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-1075"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "917426ff-7065-403b-bd4d-431e7d3751d4"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-620"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-586"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-588"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-589"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-592"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-594"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-619"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-32472"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142593"
      },
      {
        "db": "BID",
        "id": "108923"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005813"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10991"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-1075"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-09-21T00:00:00",
        "db": "IVD",
        "id": "917426ff-7065-403b-bd4d-431e7d3751d4"
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-620"
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-586"
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-588"
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-589"
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-592"
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-594"
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-619"
      },
      {
        "date": "2019-09-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-32472"
      },
      {
        "date": "2019-06-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142593"
      },
      {
        "date": "2019-06-27T00:00:00",
        "db": "BID",
        "id": "108923"
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-005813"
      },
      {
        "date": "2019-06-28T21:15:11.307000",
        "db": "NVD",
        "id": "CVE-2019-10991"
      },
      {
        "date": "2019-06-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201906-1075"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-620"
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-586"
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-588"
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-589"
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-592"
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-594"
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-619"
      },
      {
        "date": "2019-09-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-32472"
      },
      {
        "date": "2023-03-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142593"
      },
      {
        "date": "2019-06-27T00:00:00",
        "db": "BID",
        "id": "108923"
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-005813"
      },
      {
        "date": "2023-03-02T15:58:31.983000",
        "db": "NVD",
        "id": "CVE-2019-10991"
      },
      {
        "date": "2020-08-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201906-1075"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-1075"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "WebAccess/SCADA Buffer error vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005813"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer error",
    "sources": [
      {
        "db": "IVD",
        "id": "917426ff-7065-403b-bd4d-431e7d3751d4"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-1075"
      }
    ],
    "trust": 0.8
  }
}

gsd-2019-10991

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.

Aliases

CVE-2019-10991

Aliases

CVE-2019-10991

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-10991",
    "description": "In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.",
    "id": "GSD-2019-10991"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-10991"
      ],
      "details": "In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.",
      "id": "GSD-2019-10991",
      "modified": "2023-12-13T01:23:57.533193Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2019-10991",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "WebAccess/SCADA",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Versions 8.3.5 and prior"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "WebAccess"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Buffer Overflow"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05",
            "refsource": "MISC",
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
          },
          {
            "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-592/",
            "refsource": "MISC",
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-592/"
          },
          {
            "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-620/",
            "refsource": "MISC",
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-620/"
          },
          {
            "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-588/",
            "refsource": "MISC",
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-588/"
          },
          {
            "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-586/",
            "refsource": "MISC",
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-586/"
          },
          {
            "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-594/",
            "refsource": "MISC",
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-594/"
          },
          {
            "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-589/",
            "refsource": "MISC",
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-589/"
          },
          {
            "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-619/",
            "refsource": "MISC",
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-619/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.3.5",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2019-10991"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-594/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-594/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-589/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-589/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-592/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-592/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-620/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-620/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-586/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-586/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-588/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-588/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-619/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-619/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-03-02T15:58Z",
      "publishedDate": "2019-06-28T21:15Z"
    }
  }
}

ghsa-4j2g-7wxj-73hg

Vulnerability from github

Published

2022-05-24 16:49

Modified

2023-03-02 18:30

Severity

9.8 (Critical) - CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-10991"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-06-28T21:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.",
  "id": "GHSA-4j2g-7wxj-73hg",
  "modified": "2023-03-02T18:30:32Z",
  "published": "2022-05-24T16:49:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10991"
    },
    {
      "type": "WEB",
      "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-586"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-588"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-589"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-592"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-594"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-619"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-620"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Action not permitted

CVE-2019-10991

Vulnerability from cvelistv5

icsa-19-178-05

Vulnerability from csaf_cisa

var-201906-1028

Vulnerability from variot

gsd-2019-10991

Vulnerability from gsd

ghsa-4j2g-7wxj-73hg

Vulnerability from github

Tags