CVE-2014-9208
published 2015-09-11CVE-2014-9208: Multiple stack-based buffer overflows in unspecified DLL files in Advantech WebAccess before 8.0.1 allow remote attackers to execute arbitrary code via unknown…
PriorityP262critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
9.26%
94.7th percentile
Multiple stack-based buffer overflows in unspecified DLL files in Advantech WebAccess before 8.0.1 allow remote attackers to execute arbitrary code via unknown vectors.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| advantech | webaccess | <= 8.0 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for ActiveX method calls to ASPVCOBJLib.AspDataDriven (AspVCObj.dll) with oversized string arguments (~1044 or ~2068 bytes) to methods: UpdateProject, InterfaceFilter, FileProcess, GetWideStrCpy, GetRecipeInfo, GetLastTagNbr, ConvToSafeArray — indicative of stack-based buffer overflow exploitation. ↗
- →Publicly available exploits exist for this vulnerability; treat any inbound interaction with Advantech WebAccess ActiveX components from untrusted/internet-facing sources as high-risk. ↗
- →An attacker with low skill would be able to exploit this vulnerability — lower the detection threshold accordingly for WebAccess-exposed systems. ↗
- ·All vulnerable methods reside in AspVCObj.dll within the ASPVCOBJLib.AspDataDriven ActiveX control; the overflow trigger buffer sizes differ per method (1044 bytes for most, 2068 bytes for ConvToSafeArray). ↗
- ·Affected versions are WebAccess 8.0 and all prior versions; the fixed version is WebAccess 8.0_20150816. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-pv5h-cr3r-gjrc: Multiple stack-based buffer overflows in unspecified DLL files in Advantech WebAccess before 8
ghsa_unreviewed·2022-05-17
CVE-2014-9208 [HIGH] CWE-119 GHSA-pv5h-cr3r-gjrc: Multiple stack-based buffer overflows in unspecified DLL files in Advantech WebAccess before 8
Multiple stack-based buffer overflows in unspecified DLL files in Advantech WebAccess before 8.0.1 allow remote attackers to execute arbitrary code via unknown vectors.
CISA ICS
Advantech WebAccess Buffer Overflow Vulnerability (Update A)
cisa_ics·2015-09-08
Advantech WebAccess Buffer Overflow Vulnerability (Update A)
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Advantech WebAccess Buffer Overflow Vulnerability (Update A)
Last RevisedAugust 27, 2018
Alert CodeICSA-15-251-01A
## OVERVIEW
This updated advisory is a follow-up to the original advisory titled ICSA-15-251-01 Advantech WebAccess Buffer Overflow Vulnerability that was published September 8, 2015, on the NCCIC/ICS-CERT web site.
Security researcher Praveen Darshanam reported a stack-based overflow vulnerability in Advantech’s WebAccess application.
## --------- Begin Update A Part 1 of 3 --------
Advantech has produced a new version of WebAccess to mitigate this vulnerability
No detection rules found.
No writeups or analysis indexed.
2015-09-11
Published