CVE-2014-0765

critical

Description

To exploit this vulnerability, the attacker sends data from the GotoCmd argument to control. If the value of the argument is overly long, the static stack buffer can be overflowed. This will allow the attacker to execute arbitrary code remotely.

References

https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03

http://www.securityfocus.com/bid/66740

http://www.securityfocus.com/bid/66722

http://webaccess.advantech.com/

http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03

Details

Source: Mitre, NVD

Published: 2014-04-12

Updated: 2025-09-19

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.01493

Detections

Analytics