Intrusion Prevention

Advantech.WebAccess.DLL.Stack.Buffer.Overflow

Description

This indicates an attack attempt against a Buffer Overflow vulnerability in the Advantech WebAccess SCADA.
The vulnerability, which is located in the "AspVCObj" ActiveX control, can be exploited through a vulnerable method. An attacker can exploit this by tricking an unsuspecting user into visiting a malicious webpage and execute arbitrary code within the context of the targeted users' browser.

Affected Products

Advantech WebAccess 8.0, 3.4.3

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are unaware of any vendor supplied patch for this issue

CVE References

CVE-2014-9208