Advantech / BroadWin WebAccess Client 'bwocxrun.ocx' Multiple Remote Vulnerabilities

High | Nessus Plugin ID 56993

Synopsis

The remote Windows host has an ActiveX control that is affected by multiple remote vulnerabilities.

Description

The Advantech / BroadWin WebAccess Client ActiveX control (bwocxrun.ocx) installed on the remote host is reportedly affected by multiple issues, including a format string vulnerability and multiple memory corruption vulnerabilities.

By tricking a victim into visiting a specially crafted web page, an attacker could take advantage of one of these issues to execute arbitrary code in the context of the application.

Solution

Either remove the software or set the kill bit for the affected control.

See Also

http://aluigi.altervista.org/adv/bwocxrun_1-adv.txt

https://ics-cert.us-cert.gov/alerts/ICS-ALERT-11-245-01

http://www.nessus.org/u?d44f6112

Plugin Details

Severity: High

ID: 56993

File Name: scada_advantech_bwocxrun.nbin

Version: 1.211

Type: local

Family: SCADA

Published: 12/2/2011

Updated: 3/26/2024

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 8.4

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:advantech:webaccess, cpe:/a:broadwin:webaccess

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 9/2/2011

Reference Information

BID: 49428

ICS-ALERT: 11-245-01, 11-306-01