CVE-2019-10961 - OpenCVE

In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Advantech	Webaccess Hmi Designer

Configuration 1 [-]

cpe:2.3:a:advantech:webaccess_hmi_designer:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.us-cert.gov/ics/advisories/icsa-19-213-01
https://www.zerodayinitiative.com/advisories/ZDI-19-691/

History

No history.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2019-08-02T16:06:09

Updated: 2024-08-04T22:40:15.551Z

Reserved: 2019-04-08T00:00:00

Link: CVE-2019-10961

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2019-08-02T17:15:14.327

Modified: 2023-03-03T15:51:17.100

Link: CVE-2019-10961

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Advantech WebAccess HMI Designer", "vendor": "n/a", "versions": [{"status": "affected", "version": "Version 2.1.9.23 and prior"}]}], "descriptions": [{"lang": "en", "value": "In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-787", "description": "OUT-OF-BOUNDS WRITE CWE-787", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-08-05T15:06:14", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.us-cert.gov/ics/advisories/icsa-19-213-01"}, {"tags": ["x_refsource_MISC"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-691/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2019-10961", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Advantech WebAccess HMI Designer", "version": {"version_data": [{"version_value": "Version 2.1.9.23 and prior"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "OUT-OF-BOUNDS WRITE CWE-787"}]}]}, "references": {"reference_data": [{"name": "https://www.us-cert.gov/ics/advisories/icsa-19-213-01", "refsource": "MISC", "url": "https://www.us-cert.gov/ics/advisories/icsa-19-213-01"}, {"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-691/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-691/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T22:40:15.551Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.us-cert.gov/ics/advisories/icsa-19-213-01"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-691/"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2019-10961", "datePublished": "2019-08-02T16:06:09", "dateReserved": "2019-04-08T00:00:00", "dateUpdated": "2024-08-04T22:40:15.551Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:advantech:webaccess_hmi_designer:*:*:*:*:*:*:*:*", "matchCriteriaId": "094A31CD-7B8D-4E77-A6F5-64EE2148F424", "versionEndIncluding": "2.1.7.32", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution."}, {"lang": "es", "value": "En WebAccess HMI Designer de Advantech versi\u00f3n 2.1.9.23 y anteriores, el procesamiento de archivos MCR especialmente dise\u00f1ados que carecen de una comprobaci\u00f3n apropiada de datos suministrados por el usuario, puede causar que el sistema escriba fuera del \u00e1rea de b\u00fafer prevista, permitiendo la ejecuci\u00f3n de c\u00f3digo remota."}], "id": "CVE-2019-10961", "lastModified": "2023-03-03T15:51:17.100", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-08-02T17:15:14.327", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "https://www.us-cert.gov/ics/advisories/icsa-19-213-01"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-691/"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}