The NCCIC has published an advisory on an out-of-bounds write vulnerability in Advantech WebAccess HMI Designer. Versions 2.1.9.23 and prior are affected. Successful exploitation of this vulnerability may allow an attacker to remotely execute arbitrary code. Advantech has released Version 2.1.9.31 of WebAccess HMI Designer to address the reported vulnerability. The NCCIC also advises of a series of measures for mitigating the vulnerability. Read the advisory at CISA.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!
