Advantech.WebAccess.webvrpcs.Service.DrawSrv.Code.Execution
Description
This indicates an attack attempt against a Code Execution vulnerability in the Advantech WebAccess.
This issue is caused by an error in the DrawSrv subsystem when handling malicious client requests. An attacker can exploit this to execute arbitrary code on vulnerable systems by sending a specially crafted client request.
Affected Products
Advantech WebAccess 8.2_20170330
Advantech WebAccess 8.2
Advantech WebAccess 8.1_20160519
Advantech WebAccess 8.1
Advantech WebAccess 8.0_20150816
Advantech WebAccess 8
Advantech WebAccess 7.2
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest version, available from the web site.
http://www.advantech.com/industrial-automation/webaccess
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-11-19 | 14.726 | Name:Advantech. WebAccess. Webvrpcs. Service. DrawSrv. Code. Execution:Advantech. WebAccess. webvrpcs. Service. DrawSrv. Code. Execution |