Vulnerability CVE-2017-16728

Vulnerability CVE-2017-16728

Published: 2018-01-05

Description:

An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple vulnerabilities that may allow an attacker to cause the program to use an invalid memory address, resulting in a program crash.

Type:

CWE-476

(NULL Pointer Dereference)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
5/10	2.9/10	10/10

Exploit range	Attack complexity	Authentication
Remote	Low	No required
Confidentiality impact	Integrity impact	Availability impact
None	None	Partial

Affected software
Advantech -> Webaccess

References:

http://www.securityfocus.com/bid/102424

https://ics-cert.us-cert.gov/advisories/ICSA-18-004-02

Copyright 2024, cxsecurity.com