Rewterz Threat Alert – Energy Sector Targeted By Karagany
August 1, 2019Rewterz Threat Alert – 3S-Smart Software Solutions GmbH Multiple Vulnerabilities
August 2, 2019Rewterz Threat Alert – Energy Sector Targeted By Karagany
August 1, 2019Rewterz Threat Alert – 3S-Smart Software Solutions GmbH Multiple Vulnerabilities
August 2, 2019Severity
Medium
Analysis Summary
Processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution.
Impact
Remote code execution
Affected Vendors
Advantech
Affected Products
Advantech WebAccess HMI Designer Version 2.1.9.23 and prior.
Remediation
Advantech has released Version 2.1.9.31 of WebAccess HMI Designer to address the reported vulnerability.