CVE-2019-3951: Buffer Overflow
First published: Thu Dec 12 2019(Updated: )
Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary code or cause a denial of service (memory corruption) due to a stack-based buffer overflow when handling IOCTL 70533 RPC messages.
Credit: vulnreport@tenable.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Advantech WebAccess | <8.4.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-3951?
CVE-2019-3951 is a vulnerability in Advantech WebAccess before 8.4.3 that allows unauthenticated remote attackers to execute arbitrary code or cause a denial of service.
How severe is CVE-2019-3951?
CVE-2019-3951 is classified as a critical vulnerability with a severity score of 9.8 out of 10.
How does CVE-2019-3951 impact Advantech WebAccess?
CVE-2019-3951 can result in remote code execution or a denial of service in Advantech WebAccess versions before 8.4.3.
What is the Common Vulnerabilities and Exposures (CVE) ID for this vulnerability?
The Common Vulnerabilities and Exposures (CVE) ID for this vulnerability is CVE-2019-3951.
How can I fix CVE-2019-3951?
To fix CVE-2019-3951, it is recommended to update Advantech WebAccess to version 8.4.3 or newer.
- collector/nvd-index
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/description
- agent/event
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/advantech
- canonical/advantech webaccess