PT-2016-1124 · Advantech · Advantech Webaccess

Publicado

2016-01-15

Atualizado

2016-12-03

CVE-2016-0859

CVSS v3.1

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Advantech WebAccess versions prior to 8.1

Description The issue is caused by an integer overflow in the Kernel service of Advantech WebAccess. This can be exploited by a remote attacker using a specially crafted RPC request, potentially allowing the execution of arbitrary code or causing a denial of service.

Recommendations For Advantech WebAccess versions prior to 8.1, update to version 8.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the Kernel service to minimize the risk of exploitation.

Correção

RCE

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-189

Identificadores relacionados

BDU:2016-00383

CVE-2016-0859

ZDI-16-104

Produtos afetados

Advantech Webaccess

PT-2016-1124 · Advantech · Advantech Webaccess

CVE-2016-0859

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6