Описание
In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.
In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-10991
- https://www.us-cert.gov/ics/advisories/icsa-19-178-05
- https://www.zerodayinitiative.com/advisories/ZDI-19-586
- https://www.zerodayinitiative.com/advisories/ZDI-19-588
- https://www.zerodayinitiative.com/advisories/ZDI-19-589
- https://www.zerodayinitiative.com/advisories/ZDI-19-592
- https://www.zerodayinitiative.com/advisories/ZDI-19-594
- https://www.zerodayinitiative.com/advisories/ZDI-19-619
- https://www.zerodayinitiative.com/advisories/ZDI-19-620
Связанные уязвимости
In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.
Множественные уязвимости процесса webvrpcs программного обеспечения удаленного мониторинга Advantech WebAccess, позволяющие нарушителю выполнить произвольный код