You are here

Advantech WebAccess HMI Designer (ICSMA-20-219-02) – Product Used in the Water and Wastewater and Energy Sectors

Advantech WebAccess HMI Designer (ICSMA-20-219-02) – Product Used in the Water and Wastewater and Energy Sectors

Created: Thursday, August 6, 2020 - 16:45
Categories:
Cybersecurity

CISA has published an advisory on heap-based buffer overflow, out-of-bounds read, out-of-bounds write, type confusion, stack-based buffer overflow, and double free vulnerabilities in Advantech WebAccess HMI Designer. Versions 2.1.9.31 and prior are affected. Successful exploitation of these vulnerabilities could allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. Advantech has released Version 2.1.9.81 of WebAccess HMI Designer to address the reported vulnerabilities. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.