CVE-2020-16217

Name of the Vulnerable Software and Affected Versions Advantech WebAccess HMI Designer versions 2.1.9.31 and prior

Description A double free vulnerability exists due to the processing of specially crafted project files, which may allow remote code execution, disclosure or modification of information, or cause the application to crash.

Recommendations For Advantech WebAccess HMI Designer versions 2.1.9.31 and prior, consider avoiding the use of specially crafted project files until a patch is available. As a temporary workaround, restrict access to project file parsing functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.