Details of VAR-202008-0382

ID

VAR-202008-0382

CVE

CVE-2020-16217

TITLE

Advantech WebAccess HMI Designer resource management error vulnerability

Trust: 1.2

sources: CNVD: CNVD-2020-49488 // CNNVD: CNNVD-202008-268

DESCRIPTION

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. A double free vulnerability caused by processing specially crafted project files may allow remote code execution, disclosure/modification of information, or cause the application to crash. WebAccess HMI Designer Is Advantech Company Provides Human Machine Interface (HMI) Development software. WebAccess HMI Designer The following multiple vulnerabilities exist in. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of PM3 files. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. The product has functions such as data transmission, menu editing and text editing

Trust: 2.88

sources: NVD: CVE-2020-16217 // JVNDB: JVNDB-2020-007354 // ZDI: ZDI-20-952 // CNVD: CNVD-2020-49488 // VULHUB: VHN-169273

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-49488

AFFECTED PRODUCTS

vendor:	advantech	model:	webaccess\/hmi designer	scope:	lte	version:	2.1.9.31	Trust: 1.0
vendor:	advantech	model:	webaccess/hmi	scope:	eq	version:	version 2.1.9.31	Trust: 0.8
vendor:	advantech	model:	webaccess/hmi designer	scope:	-	version:	-	Trust: 0.7
vendor:	advantech	model:	webaccess hmi designer	scope:	lte	version:	<=2.1.9.31	Trust: 0.6

sources: ZDI: ZDI-20-952 // CNVD: CNVD-2020-49488 // JVNDB: JVNDB-2020-007354 // NVD: CVE-2020-16217

CVSS

SEVERITY

CVSSV2

CVSSV3

IPA:	JVNDB-2020-007354
value:	HIGH
Trust: 3.2
nvd@nist.gov:	CVE-2020-16217
value:	HIGH
Trust: 1.0
IPA:	JVNDB-2020-007354
value:	CRITICAL
Trust: 0.8
IPA:	JVNDB-2020-007354
value:	LOW
Trust: 0.8
ZDI:	CVE-2020-16217
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2020-49488
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202008-268
value:	HIGH
Trust: 0.6
VULHUB:	VHN-169273
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-16217
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
CNVD:	CNVD-2020-49488
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-169273
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

IPA score:	JVNDB-2020-007354
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 3.2
nvd@nist.gov:	CVE-2020-16217
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
IPA score:	JVNDB-2020-007354
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
IPA score:	JVNDB-2020-007354
baseSeverity:	LOW
baseScore:	3.3
vectorString:	3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2020-16217
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-20-952 // CNVD: CNVD-2020-49488 // VULHUB: VHN-169273 // JVNDB: JVNDB-2020-007354 // JVNDB: JVNDB-2020-007354 // JVNDB: JVNDB-2020-007354 // JVNDB: JVNDB-2020-007354 // JVNDB: JVNDB-2020-007354 // JVNDB: JVNDB-2020-007354 // CNNVD: CNNVD-202008-268 // NVD: CVE-2020-16217

PROBLEMTYPE DATA

problemtype:

CWE-415

Trust: 1.1

sources: VULHUB: VHN-169273 // NVD: CVE-2020-16217

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202008-268

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202008-268

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-007354

PATCH

title:	Support & Download	url:	https://support.advantech.com/support/DownloadSRDetail_New.aspx?SR_ID=1-F6UG0T	Trust: 0.8
title:	Advantech has issued an update to correct this vulnerability.	url:	https://us-cert.cisa.gov/ics/advisories/icsa-20-219-02	Trust: 0.7
title:	Patch for Advantech WebAccess HMI Designer resource management error vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/231130	Trust: 0.6
title:	Advantech WebAccess HMI Designer Remediation of resource management error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=125552	Trust: 0.6

sources: ZDI: ZDI-20-952 // CNVD: CNVD-2020-49488 // JVNDB: JVNDB-2020-007354 // CNNVD: CNNVD-202008-268

EXTERNAL IDS

db:	NVD	id:	CVE-2020-16217	Trust: 3.8
db:	ICS CERT	id:	ICSA-20-219-02	Trust: 3.1
db:	ZDI	id:	ZDI-20-952	Trust: 2.4
db:	JVN	id:	JVNVU90924965	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-007354	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-10187	Trust: 0.7
db:	CNVD	id:	CNVD-2020-49488	Trust: 0.7
db:	CNNVD	id:	CNNVD-202008-268	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.2721	Trust: 0.6
db:	NSFOCUS	id:	49120	Trust: 0.6
db:	VULHUB	id:	VHN-169273	Trust: 0.1

sources: ZDI: ZDI-20-952 // CNVD: CNVD-2020-49488 // VULHUB: VHN-169273 // JVNDB: JVNDB-2020-007354 // CNNVD: CNNVD-202008-268 // NVD: CVE-2020-16217

REFERENCES

url:	https://us-cert.cisa.gov/ics/advisories/icsa-20-219-02	Trust: 3.8
url:	https://www.zerodayinitiative.com/advisories/zdi-20-952/	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-16217	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-16229	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-16215	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-16217	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-16207	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-16211	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-16213	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu90924965/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-16207	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-16211	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-16213	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-16229	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-16215	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2020.2721/	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/49120	Trust: 0.6

sources: ZDI: ZDI-20-952 // CNVD: CNVD-2020-49488 // VULHUB: VHN-169273 // JVNDB: JVNDB-2020-007354 // CNNVD: CNNVD-202008-268 // NVD: CVE-2020-16217

CREDITS

kimiya

Trust: 0.7

sources: ZDI: ZDI-20-952

SOURCES

db:	ZDI	id:	ZDI-20-952
db:	CNVD	id:	CNVD-2020-49488
db:	VULHUB	id:	VHN-169273
db:	JVNDB	id:	JVNDB-2020-007354
db:	CNNVD	id:	CNNVD-202008-268
db:	NVD	id:	CVE-2020-16217

LAST UPDATE DATE

2024-11-23T21:51:24.109000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-20-952	date:	2020-08-10T00:00:00
db:	CNVD	id:	CNVD-2020-49488	date:	2020-08-31T00:00:00
db:	VULHUB	id:	VHN-169273	date:	2022-10-06T00:00:00
db:	JVNDB	id:	JVNDB-2020-007354	date:	2020-08-11T00:00:00
db:	CNNVD	id:	CNNVD-202008-268	date:	2020-09-27T00:00:00
db:	NVD	id:	CVE-2020-16217	date:	2024-11-21T05:06:57.457

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-20-952	date:	2020-08-10T00:00:00
db:	CNVD	id:	CNVD-2020-49488	date:	2020-08-19T00:00:00
db:	VULHUB	id:	VHN-169273	date:	2020-08-06T00:00:00
db:	JVNDB	id:	JVNDB-2020-007354	date:	2020-08-11T00:00:00
db:	CNNVD	id:	CNNVD-202008-268	date:	2020-08-06T00:00:00
db:	NVD	id:	CVE-2020-16217	date:	2020-08-06T19:15:13.897