The NCCIC has published an advisory on an out-of-bounds write vulnerability in Advantech WebAccess HMI Designer. Versions 2.1.9.23 and prior are affected. Successful exploitation of this vulnerability may allow an attacker to remotely execute arbitrary code. Advantech has released Version 2.1.9.31 of WebAccess HMI Designer to address the reported vulnerability. The NCCIC also advises of a series of measures for mitigating the vulnerability. Read the advisory at CISA.
H2OSecCon 2025- a virtual security event for the water sector - happening May 20th. Register Now!
