Sign-up

ID

VAR-201404-0548


CVE

CVE-2014-0773


TITLE

Advantech WebAccess bwocxrun.ocx CreateProcess Method Remote Command Execution Vulnerability

Trust: 1.2

sources: IVD: 704a2dd2-1edf-11e6-abef-000c29c66e3d // IVD: 16b76f4c-2352-11e6-abef-000c29c66e3d // IVD: 7d7bcc5f-463f-11e9-aa10-000c29342cb1 // CNVD: CNVD-2014-02268

DESCRIPTION

The CreateProcess method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to execute (1) setup.exe, (2) bwvbprt.exe, and (3) bwvbprtl.exe programs from arbitrary pathnames via a crafted argument, as demonstrated by a UNC share pathname. Supplementary information : CWE Vulnerability type by CWE-77: Improper Neutralization of Special Elements used in a Command ( Command injection ) Has been identified. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the bwocxrun.ocx. The control exposes a scriptable method 'CreateProcess'. An attacker can exploit a flaw in the validation code within the method to execute arbitrary commands in the context of the browser. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Attackers can exploit this issue to bypass security restrictions allowing attackers to run arbitrary command lines; this may aid in launching further attacks. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment

Trust: 3.69

sources: NVD: CVE-2014-0773 // JVNDB: JVNDB-2014-001983 // ZDI: ZDI-14-139 // CNVD: CNVD-2014-02268 // BID: 66742 // IVD: 704a2dd2-1edf-11e6-abef-000c29c66e3d // IVD: 16b76f4c-2352-11e6-abef-000c29c66e3d // IVD: 7d7bcc5f-463f-11e9-aa10-000c29342cb1 // VULHUB: VHN-68266

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.2

sources: IVD: 704a2dd2-1edf-11e6-abef-000c29c66e3d // IVD: 16b76f4c-2352-11e6-abef-000c29c66e3d // IVD: 7d7bcc5f-463f-11e9-aa10-000c29342cb1 // CNVD: CNVD-2014-02268

AFFECTED PRODUCTS

vendor:advantechmodel:webaccessscope:eqversion:5.0

Trust: 1.6

vendor:advantechmodel:webaccessscope:eqversion:7.0

Trust: 1.6

vendor:advantechmodel:webaccessscope:eqversion:6.0

Trust: 1.6

vendor:advantechmodel:webaccessscope:eqversion:7.1

Trust: 1.2

vendor:advantechmodel:webaccessscope:lteversion:7.1

Trust: 1.0

vendor:advantechmodel:webaccessscope:ltversion:7.2

Trust: 0.8

vendor:advantechmodel:webaccessscope: - version: -

Trust: 0.7

vendor:advantech webaccessmodel: - scope:eqversion:5.0

Trust: 0.6

vendor:advantech webaccessmodel: - scope:eqversion:6.0

Trust: 0.6

vendor:advantech webaccessmodel: - scope:eqversion:7.0

Trust: 0.6

vendor:advantech webaccessmodel: - scope:eqversion:*

Trust: 0.6

sources: IVD: 704a2dd2-1edf-11e6-abef-000c29c66e3d // IVD: 16b76f4c-2352-11e6-abef-000c29c66e3d // IVD: 7d7bcc5f-463f-11e9-aa10-000c29342cb1 // ZDI: ZDI-14-139 // CNVD: CNVD-2014-02268 // JVNDB: JVNDB-2014-001983 // CNNVD: CNNVD-201404-178 // NVD: CVE-2014-0773

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-0773
value: HIGH

Trust: 1.0

NVD: CVE-2014-0773
value: HIGH

Trust: 0.8

ZDI: CVE-2014-0773
value: HIGH

Trust: 0.7

CNVD: CNVD-2014-02268
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201404-178
value: HIGH

Trust: 0.6

IVD: 704a2dd2-1edf-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

IVD: 16b76f4c-2352-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

IVD: 7d7bcc5f-463f-11e9-aa10-000c29342cb1
value: HIGH

Trust: 0.2

VULHUB: VHN-68266
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-0773
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 2.5

CNVD: CNVD-2014-02268
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 704a2dd2-1edf-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 16b76f4c-2352-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 7d7bcc5f-463f-11e9-aa10-000c29342cb1
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-68266
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 704a2dd2-1edf-11e6-abef-000c29c66e3d // IVD: 16b76f4c-2352-11e6-abef-000c29c66e3d // IVD: 7d7bcc5f-463f-11e9-aa10-000c29342cb1 // ZDI: ZDI-14-139 // CNVD: CNVD-2014-02268 // VULHUB: VHN-68266 // JVNDB: JVNDB-2014-001983 // CNNVD: CNNVD-201404-178 // NVD: CVE-2014-0773

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-Other

Trust: 0.8

sources: JVNDB: JVNDB-2014-001983 // NVD: CVE-2014-0773

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201404-178

TYPE

Command injection

Trust: 0.6

sources: IVD: 704a2dd2-1edf-11e6-abef-000c29c66e3d // IVD: 16b76f4c-2352-11e6-abef-000c29c66e3d // IVD: 7d7bcc5f-463f-11e9-aa10-000c29342cb1

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-001983

PATCH
title:Downloads ::: WebAccess Softwareurl:http://webaccess.advantech.com/downloads.php?item=software
Trust: 0.8
title:Advantech WebAccessurl:http://www.advantech.co.jp/products/GF-1M94V/Advantech-WebAccess/mod_B975C492-56B3-4EBA-8BBB-5B6D3483EE9D.aspx
Trust: 0.8
title:Advantech has issued an update to correct this vulnerability.url:https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03
Trust: 0.7
title:Advantech WebAccess bwocxrun.ocx CreateProcess method remote command execution vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/44791
Trust: 0.6
sources:
            
            
            ZDI: ZDI-14-139 // 
            
            
            
            CNVD: CNVD-2014-02268 // 
            
            
            
            JVNDB: JVNDB-2014-001983

EXTERNAL IDS
db:NVDid:CVE-2014-0773
Trust: 4.7
db:ICS CERTid:ICSA-14-079-03
Trust: 3.1
db:CNNVDid:CNNVD-201404-178
Trust: 1.3
db:CNVDid:CNVD-2014-02268
Trust: 1.2
db:BIDid:66742
Trust: 1.0
db:JVNDBid:JVNDB-2014-001983
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-2095
Trust: 0.7
db:ZDIid:ZDI-14-139
Trust: 0.7
db:OSVDBid:105571
Trust: 0.6
db:SECUNIAid:57873
Trust: 0.6
db:IVDid:704A2DD2-1EDF-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:IVDid:16B76F4C-2352-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:IVDid:7D7BCC5F-463F-11E9-AA10-000C29342CB1
Trust: 0.2
db:VULHUBid:VHN-68266
Trust: 0.1
sources:
            
            
            IVD: 704a2dd2-1edf-11e6-abef-000c29c66e3d // 
            
            
            
            IVD: 16b76f4c-2352-11e6-abef-000c29c66e3d // 
            
            
            
            IVD: 7d7bcc5f-463f-11e9-aa10-000c29342cb1 // 
            
            
            
            ZDI: ZDI-14-139 // 
            
            
            
            CNVD: CNVD-2014-02268 // 
            
            
            
            VULHUB: VHN-68266 // 
            
            
            
            BID: 66742 // 
            
            
            
            JVNDB: JVNDB-2014-001983 // 
            
            
            
            CNNVD: CNNVD-201404-178 // 
            
            
            
            NVD: CVE-2014-0773

REFERENCES
url:http://ics-cert.us-cert.gov/advisories/icsa-14-079-03
Trust: 3.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0773
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0773
Trust: 0.8
url:http://osvdb.com/show/osvdb/105571
Trust: 0.6
url:http://secunia.com/advisories/57873
Trust: 0.6
sources:
            
            
            ZDI: ZDI-14-139 // 
            
            
            
            CNVD: CNVD-2014-02268 // 
            
            
            
            VULHUB: VHN-68266 // 
            
            
            
            JVNDB: JVNDB-2014-001983 // 
            
            
            
            CNNVD: CNNVD-201404-178 // 
            
            
            
            NVD: CVE-2014-0773

CREDITS
Anonymous
Trust: 0.7
sources:
            
            
            ZDI: ZDI-14-139

SOURCES
db:IVDid:704a2dd2-1edf-11e6-abef-000c29c66e3d
db:IVDid:16b76f4c-2352-11e6-abef-000c29c66e3d
db:IVDid:7d7bcc5f-463f-11e9-aa10-000c29342cb1
db:ZDIid:ZDI-14-139
db:CNVDid:CNVD-2014-02268
db:VULHUBid:VHN-68266
db:BIDid:66742
db:JVNDBid:JVNDB-2014-001983
db:CNNVDid:CNNVD-201404-178
db:NVDid:CVE-2014-0773

LAST UPDATE DATE
2024-08-14T13:35:09.430000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-14-139date:2014-05-19T00:00:00
db:CNVDid:CNVD-2014-02268date:2014-04-11T00:00:00
db:VULHUBid:VHN-68266date:2014-04-14T00:00:00
db:BIDid:66742date:2014-04-08T00:00:00
db:JVNDBid:JVNDB-2014-001983date:2014-04-15T00:00:00
db:CNNVDid:CNNVD-201404-178date:2014-04-16T00:00:00
db:NVDid:CVE-2014-0773date:2014-04-14T17:56:26.973

SOURCES RELEASE DATE
db:IVDid:704a2dd2-1edf-11e6-abef-000c29c66e3ddate:2014-04-11T00:00:00
db:IVDid:16b76f4c-2352-11e6-abef-000c29c66e3ddate:2014-04-11T00:00:00
db:IVDid:7d7bcc5f-463f-11e9-aa10-000c29342cb1date:2014-04-11T00:00:00
db:ZDIid:ZDI-14-139date:2014-05-19T00:00:00
db:CNVDid:CNVD-2014-02268date:2014-04-11T00:00:00
db:VULHUBid:VHN-68266date:2014-04-12T00:00:00
db:BIDid:66742date:2014-04-08T00:00:00
db:JVNDBid:JVNDB-2014-001983date:2014-04-15T00:00:00
db:CNNVDid:CNNVD-201404-178date:2014-04-16T00:00:00
db:NVDid:CVE-2014-0773date:2014-04-12T04:37:31.707