Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. A double free vulnerability caused by processing specially crafted project files may allow remote code execution, disclosure/modification of information, or cause the application to crash.
References
Link | Resource |
---|---|
https://us-cert.cisa.gov/ics/advisories/icsa-20-219-02 | Third Party Advisory US Government Resource |
https://www.zerodayinitiative.com/advisories/ZDI-20-952/ | Third Party Advisory VDB Entry |
Configurations
Information
Published : 2020-08-06 12:15
Updated : 2022-10-06 16:51
NVD link : CVE-2020-16217
Mitre link : CVE-2020-16217
JSON object : View
CWE
CWE-415
Double Free
Products Affected
advantech
- webaccess\/hmi_designer