CVE-2019-18257
published 2019-12-17

Priority: P266, critical, 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 2.77% (84.5th percentile)

In Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple stack-based buffer overflow vulnerabilities exist in the file transfer service listening on the TCP port. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code with the privileges of the user running DiagAnywhere Server.

Affected

1 range

Vendor | Product | Version range | Fixed in
advantech | diaganywhere | <= 3.07.11 |

Detection & IOCs (extracted from sources)

  • The affected component is the file transfer service of Advantech DiagAnywhere Server listening on TCP; an unauthenticated remote attacker can trigger the stack-based buffer overflow through this service
  • No authentication is required to trigger the vulnerability; monitor for unexpected or malformed connections to the DiagAnywhere Server file transfer TCP service from untrusted/external hosts
  • No known public exploits exist for this CVE as of the advisory date — prioritize network-level controls and anomaly detection on the DiagAnywhere file transfer port
  • Affected versions are DiagAnywhere Server 3.07.11 and prior; version 3.07.14 is the patched release — ensure version identification is part of asset inventory checks
  • The vulnerable service is the file transfer component specifically, not all DiagAnywhere Server services — scope detection rules accordingly to that service's TCP port
  • Exploitation grants privileges of the user running DiagAnywhere Server — assess the service account privilege level in your environment to gauge blast radius

CVSS provenance

nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P