What is CVE-2014-0768?

CVE-2014-0768 is a vulnerability in Advantech Advantech_webaccess, classified under Stack-based Buffer Overflow. Published 2014-04-12.

Is CVE-2014-0768 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Advantech Advantech_webaccess

CVE-2014-0768

An attacker may pass an overly long value from the AccessCode2 argument to the control to overflow the static stack buffer. The attacker may then remotely execute arbitrary code.

Vulnerability class: Buffer Overflow

EPSS: 0.012 (79.1th percentile) — read the EPSS interpretation.

Affected products

Advantech Advantech_webaccess — versions 5.0, 6.0, 7.0
Advantech Webaccess — versions 7.2, 0

Weakness classification (CWE)

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

ics-cert@hq.dhs.gov
66740 (vdb-entry, x_refsource_BID)
ics-cert@hq.dhs.gov
af854a3a-2127-422b-91ae-364da2661108 (Third Party Advisory, US Government Resource)
af854a3a-2127-422b-91ae-364da2661108

Frequently asked questions

What is CVE-2014-0768?: CVE-2014-0768 is a vulnerability in Advantech Advantech_webaccess, classified under Stack-based Buffer Overflow. Published 2014-04-12.
Is CVE-2014-0768 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.