CVE-2019-18257
Published 2019-12-17
Priority: P266 · critical · 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 2.77% (84.5th percentile)
In Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple stack-based buffer overflow vulnerabilities exist in the file transfer service listening on the TCP port. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code with the privileges of the user running DiagAnywhere Server.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| advantech | diaganywhere | <= 3.07.11 | — |
Detection & IOCs
- Target: the file transfer service of Advantech DiagAnywhere Server listening on TCP — the stack-based buffer overflow is triggered via this service by an unauthenticated remote attacker
- No authentication is required to trigger the vulnerability; monitor for unexpected or malformed connections to the DiagAnywhere Server file transfer TCP service from untrusted/external hosts
- No known public exploits exist for this CVE as of the advisory date — prioritize network-level controls and anomaly detection on the DiagAnywhere file transfer port
- Affected versions are DiagAnywhere Server 3.07.11 and prior; version 3.07.14 is the patched release — ensure version identification is part of asset inventory checks
- The vulnerable service is the file transfer component specifically, not all DiagAnywhere Server services — scope detection rules accordingly to that service's TCP port
- Exploitation grants privileges of the user running DiagAnywhere Server — assess the service account privilege level in your environment to gauge blast radius
CVSS provenance
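| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |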
CISA ICS
Advantech DiagAnywhere Server
cisa_ics·2019-12-12·CVSS 9.8
[CRITICAL] Advantech DiagAnywhere Server
ICS Advisory
## Advantech DiagAnywhere Server
Last Revised: December 12, 2019
Alert Code: ICSA-19-346-01
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: Advantech
- Equipment: DiagAnywhere Server
- Vulnerability: Stack-based Buffer Overflow
## 2. RISK EVALUATION
Successful exploitation of this vulnerability may allow remote code execution.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of DiagAnywhere Server, used for remotely monitoring and controlling other Windows based devices, are affected:
- DiagAn
GHSA
GHSA-mcw9-h8ch-w6m4: In Advantech DiagAnywhere Server, Versions 3
ghsa_unreviewed·2022-05-24
CVE-2019-18257 [HIGH] CWE-787 GHSA-mcw9-h8ch-w6m4: In Advantech DiagAnywhere Server, Versions 3
In Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple stack-based buffer overflow vulnerabilities exist in the file transfer service listening on the TCP port. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code with the privileges of the user running DiagAnywhere Server.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.