Vulnerabilities > Advantech > Webaccess HMI Designer

DATE CVE VULNERABILITY TITLE RISK
2020-08-06 CVE-2020-16207 Out-of-bounds Write vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior.
local
low complexity
advantech CWE-787
7.8
2019-09-26 CVE-2019-16901 Improper Handling of Exceptional Conditions vulnerability in Advantech Webaccess/Hmi Designer 2.1.9.31
Advantech WebAccess/HMI Designer 2.1.9.31 has Exception Handler Chain corruption starting at Unknown Symbol @ 0x0000000000000000 called from ntdll!RtlRaiseStatus+0x00000000000000b4.
network
low complexity
advantech CWE-755
7.5
2019-09-26 CVE-2019-16900 Unspecified vulnerability in Advantech Webaccess/Hmi Designer 2.1.9.31
Advantech WebAccess/HMI Designer 2.1.9.31 has a User Mode Write AV starting at MSVCR90!memcpy+0x000000000000015c.
network
low complexity
advantech
7.5
2019-09-26 CVE-2019-16899 Unspecified vulnerability in Advantech Webaccess/Hmi Designer 2.1.9.31
In Advantech WebAccess/HMI Designer 2.1.9.31, Data from a Faulting Address controls Code Flow starting at PM_V3!CTagInfoThreadBase::GetNICInfo+0x0000000000512918.
network
low complexity
advantech
7.5
2019-08-02 CVE-2019-10961 Out-of-bounds Write vulnerability in Advantech Webaccess HMI Designer 2.1.7.32
In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution.
network
low complexity
advantech CWE-787
8.8
2018-04-25 CVE-2018-8837 Out-of-bounds Write vulnerability in Advantech Webaccess HMI Designer 2.1.7.32
Processing specially crafted .pm3 files in Advantech WebAccess HMI Designer 2.1.7.32 and prior may cause the system to write outside the intended buffer area and may allow remote code execution.
local
low complexity
advantech CWE-787
7.8
2018-04-25 CVE-2018-8835 Double Free vulnerability in Advantech Webaccess HMI Designer 2.1.7.32
Double free vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution.
local
low complexity
advantech CWE-415
7.8
2018-04-25 CVE-2018-8833 Out-of-bounds Write vulnerability in Advantech Webaccess HMI Designer 2.1.7.32
Heap-based buffer overflow vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution.
local
low complexity
advantech CWE-787
7.8