Vulnerabilities > CVE-2021-33000 - Out-of-bounds Write vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL

Summary

Parsing a maliciously crafted project file may cause a heap-based buffer overflow, which may allow an attacker to perform arbitrary code execution. User interaction is required on the WebAccess HMI Designer (versions 2.1.9.95 and prior).

Common Weakness Enumeration (CWE)