RPC: Advantech WebAccess IOCTL 10001 BwPFile Stack-based Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Advantech WebAccess. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause a stack-based buffer overflow, which may allow remote code execution, disclosure/modification of information, or cause the application to crash.
Affected Products
Advantech webaccess/hmi_designer
References
CVE: CVE-2020-16215
Short Name
RPC:DCERPC:ADVANTECH-WEB-BO
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
RPC
Keywords
10001 Advantech Buffer BwPFile CVE-2020-16215 IOCTL Overflow Stack-based WebAccess
Release Date
10/28/2020
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3438
False Positive
Unknown
Vendors
Advantech
CVSS Score
9.3