Advantech WebAccess webvrpcs.exe 0x138bd IOCTL RCE
Severity: High
Nessus Plugin ID: 124591
Synopsis
The remote host is running a SCADA application that is affected by a remote code execution vulnerability.
Description
The Advantech WebAccess/SCADA Network Service (webvrpcs.exe) running on the remote host is affected by a remote code execution vulnerability due to improper validation of user-supplied data prior to copying it to a fixed-length stack-based buffer when processing an IOCTL 0x138bd RPC message. An unauthenticated, remote attacker can exploit this, via a series of crafted requests, to execute arbitrary code.
Solution
Upgrade to WebAccess/SCADA version 8.3.1 or later.