https://www.tenable.com/security/research/tra-2019-41

The Advantech WebAccess/SCADA Network Service (webvrpcs.exe) running on the remote host is affected by a stack-based buffer overflow vulnerability due to improper validation of user-supplied data when processing an IOCTL 70603 RPC request. An unauthenticated, remote attacker can exploit this, via a series of crafted requests, to cause a denial of service condition or the execution of arbitrary code.

Note that the software is reportedly affected by additional vulnerabilities; however, this plugin has not tested for these.

CVE-2019-3975

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Tenable Plugins