Opening a maliciously crafted project file may cause an out-of-bounds write, which may allow an attacker to execute arbitrary code. User interaction is require on the WebAccess HMI Designer (versions 2.1.9.95 and prior).
References
Link | Resource |
---|---|
https://us-cert.cisa.gov/ics/advisories/icsa-21-173-01 | Third Party Advisory US Government Resource |
Configurations
History
01 Jul 2021, 12:37
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 7.8 |
CPE | cpe:2.3:a:advantech:webaccess\/hmi_designer:*:*:*:*:*:*:*:* | |
CWE | CWE-787 | |
References | (MISC) https://us-cert.cisa.gov/ics/advisories/icsa-21-173-01 - Third Party Advisory, US Government Resource |
24 Jun 2021, 19:00
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-06-24 18:15
Updated : 2024-02-04 21:47
NVD link : CVE-2021-33002
Mitre link : CVE-2021-33002
CVE.ORG link : CVE-2021-33002
JSON object : View
Products Affected
advantech
- webaccess\/hmi_designer
CWE
CWE-787
Out-of-bounds Write