CVE-2019-10991: Advantech WebAccess Client bwclient Stack-based Buffer Overflow Remote Code Execution Vulnerability
First published: Fri Jun 28 2019(Updated: )
In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Advantech WebAccess | <=8.3.5 | |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.us-cert.gov/ics/advisories/icsa-19-178-05
- https://www.zerodayinitiative.com/advisories/ZDI-19-620/
- https://www.zerodayinitiative.com/advisories/ZDI-19-589/
- https://www.zerodayinitiative.com/advisories/ZDI-19-588/
- https://www.zerodayinitiative.com/advisories/ZDI-19-592/
- https://www.zerodayinitiative.com/advisories/ZDI-19-586/
- https://www.zerodayinitiative.com/advisories/ZDI-19-594/
- https://www.zerodayinitiative.com/advisories/ZDI-19-619/
Frequently Asked Questions
What is CVE-2019-10991 vulnerability?
CVE-2019-10991 is a stack-based buffer overflow vulnerability in the Advantech WebAccess Client, which allows remote attackers to execute arbitrary code on affected installations without authentication.
How severe is the CVE-2019-10991 vulnerability?
The severity level of CVE-2019-10991 vulnerability is critical with a CVSS score of 9.8.
What is the affected software for CVE-2019-10991 vulnerability?
The affected software for CVE-2019-10991 vulnerability is Advantech WebAccess with version up to and including 8.3.5.
How can remote attackers exploit the CVE-2019-10991 vulnerability?
Remote attackers can exploit the CVE-2019-10991 vulnerability by sending malicious input to the bwclient.exe component via the 0x2711 IOCTL in the webvrpcs process.
Are there any references for CVE-2019-10991 vulnerability?
Yes, you can find references for CVE-2019-10991 vulnerability at the following links: - https://www.us-cert.gov/ics/advisories/icsa-19-178-05 - https://www.zerodayinitiative.com/advisories/ZDI-19-586/ - https://www.zerodayinitiative.com/advisories/ZDI-19-588/
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/title
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/first-publish-date
- agent/description
- agent/softwarecombine
- agent/tags
- agent/event
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-19-588
- alias/ZDI-CAN-8063
- alias/CVE-2019-10991
- agent/software-canonical-lookup
- alias/ZDI-19-589
- alias/ZDI-CAN-8064
- alias/ZDI-19-592
- alias/ZDI-CAN-7906
- alias/ZDI-19-620
- alias/ZDI-CAN-8191
- alias/ZDI-19-594
- alias/ZDI-CAN-8117
- alias/ZDI-19-619
- alias/ZDI-CAN-8189
- alias/ZDI-19-586
- alias/ZDI-CAN-7951
- vendor/advantech
- canonical/advantech webaccess
- version/advantech webaccess/8.3.5