Sign-up

ID

VAR-202006-0370


CVE

CVE-2020-12019


TITLE

Advantech Made WebAccess Node Stack-based buffer overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-005320

DESCRIPTION

WebAccess Node Version 8.4.4 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. WebAccess Node Is Advantech Industrial software provided by. The issue results from incorrect permissions set on a resource used by the service. Authentication is not required to exploit this vulnerability.The specific flaw exists within DATACORE.exe. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess browser-based HMI and SCADA software. Advantech WebAccess is a set of browser-based HMI/SCADA software developed by China Taiwan Advantech Company. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment

Trust: 3.87

sources: NVD: CVE-2020-12019 // JVNDB: JVNDB-2020-005320 // ZDI: ZDI-20-655 // ZDI: ZDI-20-654 // CNVD: CNVD-2020-32232 // IVD: b5fb5c83-6937-4ff7-a6b9-209011280300 // IVD: 36d665ec-7a01-4e8b-946b-ff1761ca7bf1 // VULHUB: VHN-164655

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.0

sources: IVD: b5fb5c83-6937-4ff7-a6b9-209011280300 // IVD: 36d665ec-7a01-4e8b-946b-ff1761ca7bf1 // CNVD: CNVD-2020-32232

AFFECTED PRODUCTS

vendor:advantechmodel:webaccessscope: - version: -

Trust: 1.4

vendor:advantechmodel:webaccessscope:lteversion:8.4.4

Trust: 1.0

vendor:advantechmodel:webaccessscope:eqversion:8.4.4

Trust: 0.8

vendor:advantechmodel:webaccess nodescope:lteversion:<=8.4.4

Trust: 0.6

vendor:webaccessmodel: - scope:eqversion:*

Trust: 0.4

sources: IVD: b5fb5c83-6937-4ff7-a6b9-209011280300 // IVD: 36d665ec-7a01-4e8b-946b-ff1761ca7bf1 // ZDI: ZDI-20-655 // ZDI: ZDI-20-654 // CNVD: CNVD-2020-32232 // JVNDB: JVNDB-2020-005320 // NVD: CVE-2020-12019

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-12019
value: CRITICAL

Trust: 1.0

IPA: JVNDB-2020-005320
value: CRITICAL

Trust: 0.8

ZDI: CVE-2020-12019
value: HIGH

Trust: 0.7

ZDI: CVE-2020-12019
value: CRITICAL

Trust: 0.7

CNVD: CNVD-2020-32232
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202006-830
value: CRITICAL

Trust: 0.6

IVD: b5fb5c83-6937-4ff7-a6b9-209011280300
value: HIGH

Trust: 0.2

IVD: 36d665ec-7a01-4e8b-946b-ff1761ca7bf1
value: HIGH

Trust: 0.2

VULHUB: VHN-164655
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2020-12019
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2020-32232
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: b5fb5c83-6937-4ff7-a6b9-209011280300
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 36d665ec-7a01-4e8b-946b-ff1761ca7bf1
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-164655
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-12019
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

IPA score: JVNDB-2020-005320
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2020-12019
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 0.7

ZDI: CVE-2020-12019
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: IVD: b5fb5c83-6937-4ff7-a6b9-209011280300 // IVD: 36d665ec-7a01-4e8b-946b-ff1761ca7bf1 // ZDI: ZDI-20-655 // ZDI: ZDI-20-654 // CNVD: CNVD-2020-32232 // VULHUB: VHN-164655 // JVNDB: JVNDB-2020-005320 // CNNVD: CNNVD-202006-830 // NVD: CVE-2020-12019

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.8

problemtype:CWE-787

Trust: 1.1

sources: VULHUB: VHN-164655 // JVNDB: JVNDB-2020-005320 // NVD: CVE-2020-12019

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202006-830

TYPE

Buffer error

Trust: 1.0

sources: IVD: b5fb5c83-6937-4ff7-a6b9-209011280300 // IVD: 36d665ec-7a01-4e8b-946b-ff1761ca7bf1 // CNNVD: CNNVD-202006-830

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-005320

PATCH
title:Support & Downloadurl:https://support.advantech.com/support/DownloadSRDetail_New.aspx?SR_ID=1-MS9MJV&Doc_Source=Download
Trust: 0.8
title:Patch for Advantech WebAccess Node buffer overflow vulnerability (CNVD-2020-32232)url:https://www.cnvd.org.cn/patchInfo/show/220857
Trust: 0.6
title:Advantech WebAccess Node Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121213
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-32232 // 
            
            
            
            JVNDB: JVNDB-2020-005320 // 
            
            
            
            CNNVD: CNNVD-202006-830

EXTERNAL IDS
db:NVDid:CVE-2020-12019
Trust: 4.9
db:ICS CERTid:ICSA-20-161-01
Trust: 3.1
db:CNVDid:CNVD-2020-32232
Trust: 1.1
db:CNNVDid:CNNVD-202006-830
Trust: 1.1
db:JVNid:JVNVU96784798
Trust: 0.8
db:JVNDBid:JVNDB-2020-005320
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-10017
Trust: 0.7
db:ZDIid:ZDI-20-655
Trust: 0.7
db:ZDI_CANid:ZDI-CAN-9779
Trust: 0.7
db:ZDIid:ZDI-20-654
Trust: 0.7
db:AUSCERTid:ESB-2020.2012
Trust: 0.6
db:NSFOCUSid:47159
Trust: 0.6
db:IVDid:B5FB5C83-6937-4FF7-A6B9-209011280300
Trust: 0.2
db:IVDid:36D665EC-7A01-4E8B-946B-FF1761CA7BF1
Trust: 0.2
db:VULHUBid:VHN-164655
Trust: 0.1
sources:
            
            
            IVD: b5fb5c83-6937-4ff7-a6b9-209011280300 // 
            
            
            
            IVD: 36d665ec-7a01-4e8b-946b-ff1761ca7bf1 // 
            
            
            
            ZDI: ZDI-20-655 // 
            
            
            
            ZDI: ZDI-20-654 // 
            
            
            
            CNVD: CNVD-2020-32232 // 
            
            
            
            VULHUB: VHN-164655 // 
            
            
            
            JVNDB: JVNDB-2020-005320 // 
            
            
            
            CNNVD: CNNVD-202006-830 // 
            
            
            
            NVD: CVE-2020-12019

REFERENCES
url:https://www.us-cert.gov/ics/advisories/icsa-20-161-01
Trust: 3.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12019
Trust: 0.8
url:https://jvn.jp/vu/jvnvu96784798/
Trust: 0.8
url:http://www.nsfocus.net/vulndb/47159
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2020-12019
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2020.2012/
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-32232 // 
            
            
            
            VULHUB: VHN-164655 // 
            
            
            
            JVNDB: JVNDB-2020-005320 // 
            
            
            
            CNNVD: CNNVD-202006-830 // 
            
            
            
            NVD: CVE-2020-12019

CREDITS
Mat Powell of Trend Micro Zero Day Initiative
Trust: 0.7
sources:
            
            
            ZDI: ZDI-20-655

SOURCES
db:IVDid:b5fb5c83-6937-4ff7-a6b9-209011280300
db:IVDid:36d665ec-7a01-4e8b-946b-ff1761ca7bf1
db:ZDIid:ZDI-20-655
db:ZDIid:ZDI-20-654
db:CNVDid:CNVD-2020-32232
db:VULHUBid:VHN-164655
db:JVNDBid:JVNDB-2020-005320
db:CNNVDid:CNNVD-202006-830
db:NVDid:CVE-2020-12019

LAST UPDATE DATE
2024-08-14T13:44:08.028000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-20-655date:2020-05-14T00:00:00
db:ZDIid:ZDI-20-654date:2020-05-14T00:00:00
db:CNVDid:CNVD-2020-32232date:2020-06-10T00:00:00
db:VULHUBid:VHN-164655date:2021-09-23T00:00:00
db:JVNDBid:JVNDB-2020-005320date:2020-06-11T00:00:00
db:CNNVDid:CNNVD-202006-830date:2020-07-16T00:00:00
db:NVDid:CVE-2020-12019date:2021-09-23T13:39:15.107

SOURCES RELEASE DATE
db:IVDid:b5fb5c83-6937-4ff7-a6b9-209011280300date:2020-06-09T00:00:00
db:IVDid:36d665ec-7a01-4e8b-946b-ff1761ca7bf1date:2020-06-09T00:00:00
db:ZDIid:ZDI-20-655date:2020-05-14T00:00:00
db:ZDIid:ZDI-20-654date:2020-05-14T00:00:00
db:CNVDid:CNVD-2020-32232date:2020-06-10T00:00:00
db:VULHUBid:VHN-164655date:2020-06-15T00:00:00
db:JVNDBid:JVNDB-2020-005320date:2020-06-11T00:00:00
db:CNNVDid:CNNVD-202006-830date:2020-06-09T00:00:00
db:NVDid:CVE-2020-12019date:2020-06-15T20:15:11.537