Advantech Webaccess Hmi Designer — known CVE vulnerabilities
Every CVE whose affected-product data names Advantech Webaccess Hmi Designer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2019-10961 — CVSS 8.8 (high): In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, processing specially crafted MCR files lacking proper validation of user…
CVE-2018-8833 — CVSS 7.8 (high): Heap-based buffer overflow vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted…
CVE-2018-8835 — CVSS 7.8 (high): Double free vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may…
CVE-2018-8837 — CVSS 7.8 (high): Processing specially crafted .pm3 files in Advantech WebAccess HMI Designer 2.1.7.32 and prior may cause the system to write outside the…
CVE-2021-42706 — CVSS 7.8 (high): This vulnerability could allow an attacker to disclose information and execute arbitrary code on affected installations of WebAccess/MHI…
CVE-2021-42703 — CVSS 5.4 (medium): This vulnerability could allow an attacker to send malicious Javascript code resulting in hijacking of the user’s cookie/session tokens…