cnvd - cnvd-2018-08459

CNVD-2018-08459

Vulnerability from cnvd - Published: 2018-04-26

Title

Advantech WebAccess HMI Designer任意代码执行漏洞

Description

Advantech WebAccess HMI Designer是一个人机界面（HMI）运行时开发软件。 Advantech WebAccess HMI Designer 2.1.7.32及之前版本在处理特制的.pm3文件时存在任意代码执行漏洞，可导致系统在预期缓冲区外写入，并可能允许远程执行代码。

Severity

高

Formal description

厂商尚未提供漏洞修补方案，请关注厂商主页及时更新： http://www.advantech.com/

Reference

https://ics-cert.us-cert.gov/advisories/ICSA-18-114-03

Impacted products

Name
Advantech WebAccess HMI Designer <=2.1.7.32

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-8837"
    }
  },
  "description": "Advantech WebAccess HMI Designer\u662f\u4e00\u4e2a\u4eba\u673a\u754c\u9762\uff08HMI\uff09\u8fd0\u884c\u65f6\u5f00\u53d1\u8f6f\u4ef6\u3002\r\n\r\nAdvantech WebAccess HMI Designer 2.1.7.32\u53ca\u4e4b\u524d\u7248\u672c\u5728\u5904\u7406\u7279\u5236\u7684.pm3\u6587\u4ef6\u65f6\u5b58\u5728\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u53ef\u5bfc\u81f4\u7cfb\u7edf\u5728\u9884\u671f\u7f13\u51b2\u533a\u5916\u5199\u5165\u200b\u200b\uff0c\u5e76\u53ef\u80fd\u5141\u8bb8\u8fdc\u7a0b\u6267\u884c\u4ee3\u7801\u3002",
  "discovererName": "Source Incite\u7684Steven Seeley",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u8865\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u53ca\u65f6\u66f4\u65b0\uff1a\r\nhttp://www.advantech.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-08459",
  "openTime": "2018-04-26",
  "products": {
    "product": "Advantech WebAccess HMI Designer \u003c=2.1.7.32"
  },
  "referenceLink": "https://ics-cert.us-cert.gov/advisories/ICSA-18-114-03",
  "serverity": "\u9ad8",
  "submitTime": "2018-04-26",
  "title": "Advantech WebAccess HMI Designer\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2018-8837 (GCVE-0-2018-8837)

Vulnerability from cvelistv5 – Published: 2018-04-25 23:00 – Updated: 2024-09-16 23:25

Summary

Processing specially crafted .pm3 files in Advantech WebAccess HMI Designer 2.1.7.32 and prior may cause the system to write outside the intended buffer area and may allow remote code execution.

Severity ?

No CVSS data available.

CWE

CWE-787 - OUT-OF-BOUNDS WRITE CWE-787

Assigner

icscert

References

URL

Tags

	http://www.securityfocus.com/bid/103972	vdb-entryx_refsource_BID
	https://ics-cert.us-cert.gov/advisories/ICSA-18-114-03	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	ICS-CERT	Advantech WebAccess HMI Designer	Affected: Advantech WebAccess HMI Designer, Version 2.1.7.32 and prior.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:02:26.122Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "103972",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103972"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-114-03"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Advantech WebAccess HMI Designer",
          "vendor": "ICS-CERT",
          "versions": [
            {
              "status": "affected",
              "version": "Advantech WebAccess HMI Designer, Version 2.1.7.32 and prior."
            }
          ]
        }
      ],
      "datePublic": "2018-04-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Processing specially crafted .pm3 files in Advantech WebAccess HMI Designer 2.1.7.32 and prior may cause the system to write outside the intended buffer area and may allow remote code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "OUT-OF-BOUNDS WRITE CWE-787",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-27T09:57:01",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "name": "103972",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103972"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-114-03"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "DATE_PUBLIC": "2018-04-25T00:00:00",
          "ID": "CVE-2018-8837",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Advantech WebAccess HMI Designer",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Advantech WebAccess HMI Designer, Version 2.1.7.32 and prior."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "ICS-CERT"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Processing specially crafted .pm3 files in Advantech WebAccess HMI Designer 2.1.7.32 and prior may cause the system to write outside the intended buffer area and may allow remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "OUT-OF-BOUNDS WRITE CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "103972",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103972"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-114-03",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-114-03"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2018-8837",
    "datePublished": "2018-04-25T23:00:00Z",
    "dateReserved": "2018-03-20T00:00:00",
    "dateUpdated": "2024-09-16T23:25:22.794Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-08459

CVE-2018-8837 (GCVE-0-2018-8837)

Tags

Sightings

Nomenclature