What is CVE-2014-0767?

CVE-2014-0767 is a vulnerability in Advantech Advantech_webaccess, classified under Stack-based Buffer Overflow. Published 2014-04-12.

Is CVE-2014-0767 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Advantech Advantech_webaccess

CVE-2014-0767

An attacker may exploit this vulnerability by passing an overly long value from the AccessCode argument to the control. This will overflow the static stack buffer. The attacker may then execute code on the target device remotely.

Vulnerability class: Buffer Overflow

EPSS: 0.012 (79.1th percentile) — read the EPSS interpretation.

Affected products

Advantech Advantech_webaccess — versions 5.0, 6.0, 7.0
Advantech Webaccess — versions 7.2, 0

Weakness classification (CWE)

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

ics-cert@hq.dhs.gov
66740 (vdb-entry, x_refsource_BID)
ics-cert@hq.dhs.gov
af854a3a-2127-422b-91ae-364da2661108 (Third Party Advisory, US Government Resource)
af854a3a-2127-422b-91ae-364da2661108

Frequently asked questions

What is CVE-2014-0767?: CVE-2014-0767 is a vulnerability in Advantech Advantech_webaccess, classified under Stack-based Buffer Overflow. Published 2014-04-12.
Is CVE-2014-0767 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.