1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Advantech WebAccess webvrpcs Service BwWebSvc ProjectName sprintf Buffer Overflow

Attack: Advantech WebAccess webvrpcs Service BwWebSvc ProjectName sprintf Buffer Overflow

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to cause a stack buffer overflow in the webvrpcs Service on installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability.

Additional Information

The specific flaw exists within the implementation of the 0x13C83 IOCTL in the BwOpcTool subsystem. A stack-based buffer overflow vulnerability exists in a call to memcpy using the ProjectName parameter. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system.

Affected

  • Advantech WebAccess version 8.1-2015.12.30
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube