Medium
Processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution.
Remote code execution
Advantech
Advantech WebAccess HMI Designer Version 2.1.9.23 and prior.
Advantech has released Version 2.1.9.31 of WebAccess HMI Designer to address the reported vulnerability.