Sign-up

ID

VAR-201601-0038


CVE

CVE-2016-0856


TITLE

Advantech WebAccess datacore Service datacore.exe Username strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

Trust: 2.8

sources: ZDI: ZDI-16-112 // ZDI: ZDI-16-114 // ZDI: ZDI-16-113 // ZDI: ZDI-16-117

DESCRIPTION

Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x2795 IOCTL in the ViewSrv subsystem. A stack-based buffer overflow vulnerability exists in a call to strcpy. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems

Trust: 11.16

sources: NVD: CVE-2016-0856 // ZDI: ZDI-16-090 // ZDI: ZDI-16-091 // ZDI: ZDI-16-078 // ZDI: ZDI-16-109 // ZDI: ZDI-16-117 // ZDI: ZDI-16-110 // ZDI: ZDI-16-072 // ZDI: ZDI-16-075 // ZDI: ZDI-16-061 // ZDI: ZDI-16-113 // ZDI: ZDI-16-114 // ZDI: ZDI-16-112 // ZDI: ZDI-16-051 // ZDI: ZDI-16-094 // ZDI: ZDI-16-062 // CNVD: CNVD-2016-00434 // IVD: 64dba96e-2351-11e6-abef-000c29c66e3d // VULMON: CVE-2016-0856

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 64dba96e-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2016-00434

AFFECTED PRODUCTS

vendor:advantechmodel:webaccessscope: - version: -

Trust: 10.5

vendor:advantechmodel:webaccessscope:lteversion:8.0

Trust: 1.0

vendor:advantechmodel:webaccessscope:ltversion:8.1

Trust: 0.6

vendor:advantechmodel:webaccessscope:eqversion:8.0

Trust: 0.6

vendor:webaccessmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: 64dba96e-2351-11e6-abef-000c29c66e3d // ZDI: ZDI-16-090 // ZDI: ZDI-16-062 // ZDI: ZDI-16-094 // ZDI: ZDI-16-051 // ZDI: ZDI-16-112 // ZDI: ZDI-16-114 // ZDI: ZDI-16-113 // ZDI: ZDI-16-061 // ZDI: ZDI-16-075 // ZDI: ZDI-16-072 // ZDI: ZDI-16-110 // ZDI: ZDI-16-117 // ZDI: ZDI-16-109 // ZDI: ZDI-16-078 // ZDI: ZDI-16-091 // CNVD: CNVD-2016-00434 // CNNVD: CNNVD-201601-329 // NVD: CVE-2016-0856

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2016-0856
value: HIGH

Trust: 10.5

nvd@nist.gov: CVE-2016-0856
value: CRITICAL

Trust: 1.0

CNVD: CNVD-2016-00434
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201601-329
value: CRITICAL

Trust: 0.6

IVD: 64dba96e-2351-11e6-abef-000c29c66e3d
value: CRITICAL

Trust: 0.2

VULMON: CVE-2016-0856
value: HIGH

Trust: 0.1

ZDI: CVE-2016-0856
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 10.5

nvd@nist.gov: CVE-2016-0856
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

CNVD: CNVD-2016-00434
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 64dba96e-2351-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2016-0856
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.0

sources: IVD: 64dba96e-2351-11e6-abef-000c29c66e3d // ZDI: ZDI-16-090 // ZDI: ZDI-16-062 // ZDI: ZDI-16-094 // ZDI: ZDI-16-051 // ZDI: ZDI-16-112 // ZDI: ZDI-16-114 // ZDI: ZDI-16-113 // ZDI: ZDI-16-061 // ZDI: ZDI-16-075 // ZDI: ZDI-16-072 // ZDI: ZDI-16-110 // ZDI: ZDI-16-117 // ZDI: ZDI-16-109 // ZDI: ZDI-16-078 // ZDI: ZDI-16-091 // CNVD: CNVD-2016-00434 // VULMON: CVE-2016-0856 // CNNVD: CNNVD-201601-329 // NVD: CVE-2016-0856

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.0

sources: NVD: CVE-2016-0856

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201601-329

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201601-329

PATCH

title:Advantech has issued an update to correct this vulnerability.url:https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01

Trust: 10.5

title:Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability (CNVD-2016-00434)url:https://www.cnvd.org.cn/patchInfo/show/70378

Trust: 0.6

title:Advantech WebAccess Fixes for stack-based buffer overflow vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59647

Trust: 0.6

title:Awesome CVE PoCurl:https://github.com/lnick2023/nicenice

Trust: 0.1

title:Awesome CVE PoCurl:https://github.com/xbl3/awesome-cve-poc_qazbnm456

Trust: 0.1

title:Awesome CVE PoCurl:https://github.com/qazbnm456/awesome-cve-poc

Trust: 0.1

sources: ZDI: ZDI-16-090 // ZDI: ZDI-16-062 // ZDI: ZDI-16-094 // ZDI: ZDI-16-051 // ZDI: ZDI-16-112 // ZDI: ZDI-16-114 // ZDI: ZDI-16-113 // ZDI: ZDI-16-061 // ZDI: ZDI-16-075 // ZDI: ZDI-16-072 // ZDI: ZDI-16-110 // ZDI: ZDI-16-117 // ZDI: ZDI-16-109 // ZDI: ZDI-16-078 // ZDI: ZDI-16-091 // CNVD: CNVD-2016-00434 // VULMON: CVE-2016-0856 // CNNVD: CNNVD-201601-329

EXTERNAL IDS

db:NVDid:CVE-2016-0856

Trust: 13.0

db:ZDIid:ZDI-16-112

Trust: 1.8

db:ZDIid:ZDI-16-114

Trust: 1.8

db:ZDIid:ZDI-16-113

Trust: 1.8

db:ZDIid:ZDI-16-110

Trust: 1.8

db:ZDIid:ZDI-16-117

Trust: 1.8

db:ZDIid:ZDI-16-109

Trust: 1.8

db:ZDIid:ZDI-16-120

Trust: 1.1

db:ZDIid:ZDI-16-101

Trust: 1.1

db:ZDIid:ZDI-16-106

Trust: 1.1

db:ZDIid:ZDI-16-118

Trust: 1.1

db:ZDIid:ZDI-16-116

Trust: 1.1

db:ZDIid:ZDI-16-115

Trust: 1.1

db:ZDIid:ZDI-16-102

Trust: 1.1

db:ZDIid:ZDI-16-111

Trust: 1.1

db:ZDIid:ZDI-16-103

Trust: 1.1

db:ZDIid:ZDI-16-108

Trust: 1.1

db:ZDIid:ZDI-16-100

Trust: 1.1

db:ICS CERTid:ICSA-16-014-01

Trust: 1.1

db:CNVDid:CNVD-2016-00434

Trust: 0.8

db:CNNVDid:CNNVD-201601-329

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-3211

Trust: 0.7

db:ZDIid:ZDI-16-090

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-3239

Trust: 0.7

db:ZDIid:ZDI-16-062

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-3207

Trust: 0.7

db:ZDIid:ZDI-16-094

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-3175

Trust: 0.7

db:ZDIid:ZDI-16-051

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-3189

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-3186

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-3188

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-3240

Trust: 0.7

db:ZDIid:ZDI-16-061

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-3226

Trust: 0.7

db:ZDIid:ZDI-16-075

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-3229

Trust: 0.7

db:ZDIid:ZDI-16-072

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-3191

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-3183

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-3192

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-3223

Trust: 0.7

db:ZDIid:ZDI-16-078

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-3210

Trust: 0.7

db:ZDIid:ZDI-16-091

Trust: 0.7

db:CXSECURITYid:WLB-2018030263

Trust: 0.6

db:IVDid:64DBA96E-2351-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:PACKETSTORMid:146976

Trust: 0.1

db:VULMONid:CVE-2016-0856

Trust: 0.1

sources: IVD: 64dba96e-2351-11e6-abef-000c29c66e3d // ZDI: ZDI-16-090 // ZDI: ZDI-16-062 // ZDI: ZDI-16-094 // ZDI: ZDI-16-051 // ZDI: ZDI-16-112 // ZDI: ZDI-16-114 // ZDI: ZDI-16-113 // ZDI: ZDI-16-061 // ZDI: ZDI-16-075 // ZDI: ZDI-16-072 // ZDI: ZDI-16-110 // ZDI: ZDI-16-117 // ZDI: ZDI-16-109 // ZDI: ZDI-16-078 // ZDI: ZDI-16-091 // CNVD: CNVD-2016-00434 // VULMON: CVE-2016-0856 // CNNVD: CNNVD-201601-329 // NVD: CVE-2016-0856

REFERENCES

url:https://ics-cert.us-cert.gov/advisories/icsa-16-014-01

Trust: 11.7

url:http://www.zerodayinitiative.com/advisories/zdi-16-117

Trust: 1.1

url:http://www.zerodayinitiative.com/advisories/zdi-16-112

Trust: 1.1

url:http://www.zerodayinitiative.com/advisories/zdi-16-100

Trust: 1.1

url:http://www.zerodayinitiative.com/advisories/zdi-16-116

Trust: 1.1

url:http://www.zerodayinitiative.com/advisories/zdi-16-103

Trust: 1.1

url:http://www.zerodayinitiative.com/advisories/zdi-16-120

Trust: 1.1

url:http://www.zerodayinitiative.com/advisories/zdi-16-111

Trust: 1.1

url:http://www.zerodayinitiative.com/advisories/zdi-16-115

Trust: 1.1

url:http://www.zerodayinitiative.com/advisories/zdi-16-114

Trust: 1.1

url:http://www.zerodayinitiative.com/advisories/zdi-16-108

Trust: 1.1

url:http://www.zerodayinitiative.com/advisories/zdi-16-102

Trust: 1.1

url:http://www.zerodayinitiative.com/advisories/zdi-16-106

Trust: 1.1

url:http://www.zerodayinitiative.com/advisories/zdi-16-110

Trust: 1.1

url:http://www.zerodayinitiative.com/advisories/zdi-16-109

Trust: 1.1

url:http://www.zerodayinitiative.com/advisories/zdi-16-113

Trust: 1.1

url:http://www.zerodayinitiative.com/advisories/zdi-16-101

Trust: 1.1

url:http://www.zerodayinitiative.com/advisories/zdi-16-118

Trust: 1.1

url:https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0856

Trust: 0.6

url:https://cxsecurity.com/issue/wlb-2018030263

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/119.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://packetstormsecurity.com/files/146976/advantech-webaccess-webvrpcs-buffer-overflow.html

Trust: 0.1

url:https://github.com/qazbnm456/awesome-cve-poc

Trust: 0.1

sources: ZDI: ZDI-16-090 // ZDI: ZDI-16-062 // ZDI: ZDI-16-094 // ZDI: ZDI-16-051 // ZDI: ZDI-16-112 // ZDI: ZDI-16-114 // ZDI: ZDI-16-113 // ZDI: ZDI-16-061 // ZDI: ZDI-16-075 // ZDI: ZDI-16-072 // ZDI: ZDI-16-110 // ZDI: ZDI-16-117 // ZDI: ZDI-16-109 // ZDI: ZDI-16-078 // ZDI: ZDI-16-091 // CNVD: CNVD-2016-00434 // VULMON: CVE-2016-0856 // CNNVD: CNNVD-201601-329 // NVD: CVE-2016-0856

CREDITS

Anonymous

Trust: 10.5

sources: ZDI: ZDI-16-090 // ZDI: ZDI-16-062 // ZDI: ZDI-16-094 // ZDI: ZDI-16-051 // ZDI: ZDI-16-112 // ZDI: ZDI-16-114 // ZDI: ZDI-16-113 // ZDI: ZDI-16-061 // ZDI: ZDI-16-075 // ZDI: ZDI-16-072 // ZDI: ZDI-16-110 // ZDI: ZDI-16-117 // ZDI: ZDI-16-109 // ZDI: ZDI-16-078 // ZDI: ZDI-16-091

SOURCES

db:IVDid:64dba96e-2351-11e6-abef-000c29c66e3d
db:ZDIid:ZDI-16-090
db:ZDIid:ZDI-16-062
db:ZDIid:ZDI-16-094
db:ZDIid:ZDI-16-051
db:ZDIid:ZDI-16-112
db:ZDIid:ZDI-16-114
db:ZDIid:ZDI-16-113
db:ZDIid:ZDI-16-061
db:ZDIid:ZDI-16-075
db:ZDIid:ZDI-16-072
db:ZDIid:ZDI-16-110
db:ZDIid:ZDI-16-117
db:ZDIid:ZDI-16-109
db:ZDIid:ZDI-16-078
db:ZDIid:ZDI-16-091
db:CNVDid:CNVD-2016-00434
db:VULMONid:CVE-2016-0856
db:CNNVDid:CNNVD-201601-329
db:NVDid:CVE-2016-0856

LAST UPDATE DATE

2026-02-06T23:28:15.286000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-16-090date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-062date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-094date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-051date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-112date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-114date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-113date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-061date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-075date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-072date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-110date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-117date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-109date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-078date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-091date:2016-02-05T00:00:00
db:CNVDid:CNVD-2016-00434date:2016-01-25T00:00:00
db:VULMONid:CVE-2016-0856date:2016-12-03T00:00:00
db:CNNVDid:CNNVD-201601-329date:2021-08-18T00:00:00
db:NVDid:CVE-2016-0856date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:IVDid:64dba96e-2351-11e6-abef-000c29c66e3ddate:2016-01-25T00:00:00
db:ZDIid:ZDI-16-090date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-062date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-094date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-051date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-112date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-114date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-113date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-061date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-075date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-072date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-110date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-117date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-109date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-078date:2016-02-05T00:00:00
db:ZDIid:ZDI-16-091date:2016-02-05T00:00:00
db:CNVDid:CNVD-2016-00434date:2016-01-25T00:00:00
db:VULMONid:CVE-2016-0856date:2016-01-15T00:00:00
db:CNNVDid:CNNVD-201601-329date:2016-01-18T00:00:00
db:NVDid:CVE-2016-0856date:2016-01-15T03:59:18.250