Advantech WebAccess 8.0, 3.4.3 multiple Remote Code Execution Vulnerabilities

September 7, 2015 007admin Leave a comment

Posted by Praveen D on Sep 07

Introduction
*********************************************************************************
Using Advantech WebAccess SCADA Software we can remotely manage Industrial
Control systems devices like RTU’s, Generators, Motors etc. Attackers can
execute code remotely by passing maliciously crafted string to
ConvToSafeArray API in ASPVCOBJLib.AspDataDriven ActiveX.

Operating System: Windows SP1
Affected Product: Advantech WebAccess 8.0, 3.4.3…

007 Software

Advantech WebAccess 8.0, 3.4.3 multiple Remote Code Execution Vulnerabilities

Leave a Reply Cancel reply

Software and Security Information