CVE-2021-33002

7.8HIGH

Key Information

Vendor
Advantech
Status
Webaccess Hmi Designer
Vendor
CVE Published:
24 June 2021

Summary

Opening a maliciously crafted project file may cause an out-of-bounds write, which may allow an attacker to execute arbitrary code. User interaction is require on the WebAccess HMI Designer (versions 2.1.9.95 and prior).

Affected Version(s)

WebAccess HMI Designer = versions 2.1.9.95 and prior

Refferences

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.