Stack-Based Buffer Overflow in WebAccess Node by Vendor
CVE-2020-12019

9.8CRITICAL

Key Information:

Vendor: Advantech
Status: Webaccess Node
Vendor: CVE Published:; 15 June 2020

What is CVE-2020-12019?

WebAccess Node versions up to 8.4.4 are susceptible to a stack-based buffer overflow, allowing attackers to execute arbitrary code remotely. This vulnerability poses significant risks to users of the affected product, enabling unauthorized access and control over the system. It is crucial for organizations using this software to apply necessary updates and implement protective measures to mitigate potential exploitation.

Affected Version(s)

WebAccess Node Version 8.4.4 and prior

References

https://www.us-cert.gov/ics/advisories/icsa-20-161-01

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 15, 2020
Vulnerability Reserved
Apr 21, 2020

Advantech

What is CVE-2020-12019?

Affected Version(s)

References

CVSS V3.1

Timeline