Advantech Webaccess/hmi Designer — known CVE vulnerabilities
Every CVE whose affected-product data names Advantech Webaccess/hmi Designer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2021-33004 — CVSS 7.8 (high): The affected product is vulnerable to memory corruption condition due to lack of proper validation of user supplied files, which may allow…
CVE-2020-16217 — CVSS 7.8 (high): Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. A double free vulnerability caused by processing specially crafted project…
CVE-2021-33000 — CVSS 7.8 (high): Parsing a maliciously crafted project file may cause a heap-based buffer overflow, which may allow an attacker to perform arbitrary code…
CVE-2021-33002 — CVSS 7.8 (high): Opening a maliciously crafted project file may cause an out-of-bounds write, which may allow an attacker to execute arbitrary code. User…
CVE-2020-16207 — CVSS 7.8 (high): Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by…
CVE-2019-16900 — CVSS 7.5 (high): Advantech WebAccess/HMI Designer 2.1.9.31 has a User Mode Write AV starting at MSVCR90!memcpy+0x000000000000015c.
CVE-2019-16901 — CVSS 7.5 (high): Advantech WebAccess/HMI Designer 2.1.9.31 has Exception Handler Chain corruption starting at Unknown Symbol @ 0x0000000000000000 called…
CVE-2019-16899 — CVSS 7.5 (high): In Advantech WebAccess/HMI Designer 2.1.9.31, Data from a Faulting Address controls Code Flow starting at PM_V3!CTagInfoThreadBase::GetNICIn…
CVE-2020-16211 — CVSS 5.5 (medium): Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. An out-of-bounds read vulnerability may be exploited by processing specially…