Details of VAR-202008-0370

ID

VAR-202008-0370

CVE

CVE-2020-16229

TITLE

Advantech Made WebAccess HMI Designer Multiple vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2020-007354

DESCRIPTION

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause a type confusion condition, which may allow remote code execution, disclosure/modification of information, or cause the application to crash. WebAccess HMI Designer Is Advantech Company Provides Human Machine Interface (HMI) Development software. WebAccess HMI Designer The following multiple vulnerabilities exist in. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of PM3 files. An attacker can leverage this vulnerability to execute code in the context of the current process. The product has functions such as data transmission, menu editing and text editing. There is a type confusion vulnerability in Advantech WebAccess HMI Designer 2.1.9.31 and earlier versions, which is caused by the program's failure to correctly verify the data submitted by the user

Trust: 2.88

sources: NVD: CVE-2020-16229 // JVNDB: JVNDB-2020-007354 // ZDI: ZDI-20-954 // CNVD: CNVD-2020-53797 // VULHUB: VHN-169286

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-53797

AFFECTED PRODUCTS

vendor:	advantech	model:	webaccess\/hmi designer	scope:	lte	version:	2.1.9.31	Trust: 1.0
vendor:	advantech	model:	webaccess/hmi	scope:	eq	version:	version 2.1.9.31	Trust: 0.8
vendor:	advantech	model:	webaccess/hmi designer	scope:	-	version:	-	Trust: 0.7
vendor:	advantech	model:	webaccess hmi designer	scope:	lte	version:	<=2.1.9.31	Trust: 0.6

sources: ZDI: ZDI-20-954 // CNVD: CNVD-2020-53797 // JVNDB: JVNDB-2020-007354 // NVD: CVE-2020-16229

CVSS

SEVERITY

CVSSV2

CVSSV3

IPA:	JVNDB-2020-007354
value:	HIGH
Trust: 3.2
nvd@nist.gov:	CVE-2020-16229
value:	HIGH
Trust: 1.0
IPA:	JVNDB-2020-007354
value:	CRITICAL
Trust: 0.8
IPA:	JVNDB-2020-007354
value:	LOW
Trust: 0.8
ZDI:	CVE-2020-16229
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2020-53797
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202008-269
value:	HIGH
Trust: 0.6
VULHUB:	VHN-169286
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-16229
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
CNVD:	CNVD-2020-53797
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-169286
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

IPA score:	JVNDB-2020-007354
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 3.2
nvd@nist.gov:	CVE-2020-16229
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
IPA score:	JVNDB-2020-007354
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
IPA score:	JVNDB-2020-007354
baseSeverity:	LOW
baseScore:	3.3
vectorString:	3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2020-16229
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-20-954 // CNVD: CNVD-2020-53797 // VULHUB: VHN-169286 // JVNDB: JVNDB-2020-007354 // JVNDB: JVNDB-2020-007354 // JVNDB: JVNDB-2020-007354 // JVNDB: JVNDB-2020-007354 // JVNDB: JVNDB-2020-007354 // JVNDB: JVNDB-2020-007354 // CNNVD: CNNVD-202008-269 // NVD: CVE-2020-16229

PROBLEMTYPE DATA

problemtype:

CWE-843

Trust: 1.1

sources: VULHUB: VHN-169286 // NVD: CVE-2020-16229

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202008-269

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202008-269

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-007354

PATCH

title:	Support & Download	url:	https://support.advantech.com/support/DownloadSRDetail_New.aspx?SR_ID=1-F6UG0T	Trust: 0.8
title:	Advantech has issued an update to correct this vulnerability.	url:	https://us-cert.cisa.gov/ics/advisories/icsa-20-219-02	Trust: 0.7
title:	Patch for Advantech WebAccess HMI Designer type confusion vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/235507	Trust: 0.6
title:	Advantech WebAccess HMI Designer Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=125553	Trust: 0.6

sources: ZDI: ZDI-20-954 // CNVD: CNVD-2020-53797 // JVNDB: JVNDB-2020-007354 // CNNVD: CNNVD-202008-269

EXTERNAL IDS

db:	NVD	id:	CVE-2020-16229	Trust: 3.8
db:	ICS CERT	id:	ICSA-20-219-02	Trust: 3.1
db:	ZDI	id:	ZDI-20-954	Trust: 2.4
db:	JVN	id:	JVNVU90924965	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-007354	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-10139	Trust: 0.7
db:	CNVD	id:	CNVD-2020-53797	Trust: 0.7
db:	CNNVD	id:	CNNVD-202008-269	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.2721	Trust: 0.6
db:	NSFOCUS	id:	49117	Trust: 0.6
db:	VULHUB	id:	VHN-169286	Trust: 0.1

sources: ZDI: ZDI-20-954 // CNVD: CNVD-2020-53797 // VULHUB: VHN-169286 // JVNDB: JVNDB-2020-007354 // CNNVD: CNNVD-202008-269 // NVD: CVE-2020-16229

REFERENCES

url:	https://us-cert.cisa.gov/ics/advisories/icsa-20-219-02	Trust: 3.8
url:	https://www.zerodayinitiative.com/advisories/zdi-20-954/	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-16229	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-16229	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-16215	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-16217	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-16207	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-16211	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-16213	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu90924965/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-16217	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-16207	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-16211	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-16213	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-16215	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2020.2721/	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/49117	Trust: 0.6

sources: ZDI: ZDI-20-954 // CNVD: CNVD-2020-53797 // VULHUB: VHN-169286 // JVNDB: JVNDB-2020-007354 // CNNVD: CNNVD-202008-269 // NVD: CVE-2020-16229

CREDITS

kimiya

Trust: 0.7

sources: ZDI: ZDI-20-954

SOURCES

db:	ZDI	id:	ZDI-20-954
db:	CNVD	id:	CNVD-2020-53797
db:	VULHUB	id:	VHN-169286
db:	JVNDB	id:	JVNDB-2020-007354
db:	CNNVD	id:	CNNVD-202008-269
db:	NVD	id:	CVE-2020-16229

LAST UPDATE DATE

2024-11-23T21:51:24.188000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-20-954	date:	2020-08-10T00:00:00
db:	CNVD	id:	CNVD-2020-53797	date:	2020-09-24T00:00:00
db:	VULHUB	id:	VHN-169286	date:	2022-10-06T00:00:00
db:	JVNDB	id:	JVNDB-2020-007354	date:	2020-08-11T00:00:00
db:	CNNVD	id:	CNNVD-202008-269	date:	2020-09-27T00:00:00
db:	NVD	id:	CVE-2020-16229	date:	2024-11-21T05:06:59.007

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-20-954	date:	2020-08-10T00:00:00
db:	CNVD	id:	CNVD-2020-53797	date:	2020-09-24T00:00:00
db:	VULHUB	id:	VHN-169286	date:	2020-08-06T00:00:00
db:	JVNDB	id:	JVNDB-2020-007354	date:	2020-08-11T00:00:00
db:	CNNVD	id:	CNNVD-202008-269	date:	2020-08-06T00:00:00
db:	NVD	id:	CVE-2020-16229	date:	2020-08-06T19:15:13.987