CVE-2014-0770

critical

Description

By providing an overly long string to the UserName parameter, an attacker may be able to overflow the static stack buffer. The attacker may then execute code on the target device remotely.

References

https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03

http://www.securityfocus.com/bid/66740

http://webaccess.advantech.com/

http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03

Details

Source: Mitre, NVD

Published: 2014-04-12

Updated: 2025-09-19

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00917

Detections

Analytics