Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An improper validation vulnerability exists that could allow an attacker to inject specially crafted input into memory where it can be executed.
References
Link | Resource |
---|---|
https://www.us-cert.gov/ics/advisories/icsa-20-128-01 | Third Party Advisory US Government Resource |
https://www.zerodayinitiative.com/advisories/ZDI-20-598/ | Third Party Advisory |
https://www.us-cert.gov/ics/advisories/icsa-20-128-01 | Third Party Advisory US Government Resource |
https://www.zerodayinitiative.com/advisories/ZDI-20-598/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 04:59
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.us-cert.gov/ics/advisories/icsa-20-128-01 - Third Party Advisory, US Government Resource | |
References | () https://www.zerodayinitiative.com/advisories/ZDI-20-598/ - Third Party Advisory |
Information
Published : 2020-05-08 12:15
Updated : 2024-11-21 04:59
NVD link : CVE-2020-12022
Mitre link : CVE-2020-12022
CVE.ORG link : CVE-2020-12022
JSON object : View
Products Affected
advantech
- webaccess
CWE
CWE-129
Improper Validation of Array Index