var-201610-0691
Vulnerability from variot

WebAccess can establish an information management platform for users, and simultaneously improve the efficiency of vertical market management development.

HMI / SCADA software webaccess has 4 dll hijack vulnerabilities. When bwopctool.dll, bwabout.dll, BwPAlarm.dll, Webvsid.dll are automatically loaded, Webvrpcs.exe will not verify these dlls, and attackers can place malicious dll files In the directory of the process, the system is attacked. You can download it from http://www.advantech.com.cn/industrial-automation/webaccess/download. This page downloads three versions of webaccess. Any version of webaccess is affected. After installing webaccess, run the batch provided by the word document directly. After processing the file, you can see the effect of dll hijack, and a calculator will pop up after success

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201610-0691",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "7.2"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "advantech",
        "version": "7.2*"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "advantech",
        "version": "8.0*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ff7dae53-c23c-40b0-9f59-13a4db97f36c"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10337"
      }
    ]
  },
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.4,
            "id": "CNVD-2016-10337",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 0.6,
            "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.4,
            "id": "ff7dae53-c23c-40b0-9f59-13a4db97f36c",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 0.2,
            "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "CNVD",
            "id": "CNVD-2016-10337",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "IVD",
            "id": "ff7dae53-c23c-40b0-9f59-13a4db97f36c",
            "trust": 0.2,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ff7dae53-c23c-40b0-9f59-13a4db97f36c"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10337"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "WebAccess can establish an information management platform for users, and simultaneously improve the efficiency of vertical market management development. \n\nHMI / SCADA software webaccess has 4 dll hijack vulnerabilities. When bwopctool.dll, bwabout.dll, BwPAlarm.dll, Webvsid.dll are automatically loaded, Webvrpcs.exe will not verify these dlls, and attackers can place malicious dll files In the directory of the process, the system is attacked. You can download it from http://www.advantech.com.cn/industrial-automation/webaccess/download. This page downloads three versions of webaccess. Any version of webaccess is affected. After installing webaccess, run the batch provided by the word document directly. After processing the file, you can see the effect of dll hijack, and a calculator will pop up after success",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10337"
      },
      {
        "db": "IVD",
        "id": "ff7dae53-c23c-40b0-9f59-13a4db97f36c"
      }
    ],
    "trust": 0.72
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10337",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "FF7DAE53-C23C-40B0-9F59-13A4DB97F36C",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ff7dae53-c23c-40b0-9f59-13a4db97f36c"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10337"
      }
    ]
  },
  "id": "VAR-201610-0691",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "ff7dae53-c23c-40b0-9f59-13a4db97f36c"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10337"
      }
    ],
    "trust": 1.2173957400000002
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ff7dae53-c23c-40b0-9f59-13a4db97f36c"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10337"
      }
    ]
  },
  "last_update_date": "2022-05-17T02:07:06.759000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HMI / SCADA software webaccess7.2 / 8.0 / 8.1 4 dll hijack vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/82819"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10337"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "ff7dae53-c23c-40b0-9f59-13a4db97f36c"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10337"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-10-31T00:00:00",
        "db": "IVD",
        "id": "ff7dae53-c23c-40b0-9f59-13a4db97f36c"
      },
      {
        "date": "2016-12-03T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-10337"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-11-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-10337"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "HMI / SCADA software webaccess7.2 / 8.0 / 8.1 has 4 dll hijack vulnerabilities",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10337"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "IVD",
        "id": "ff7dae53-c23c-40b0-9f59-13a4db97f36c"
      }
    ],
    "trust": 0.2
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.