GCVE - cpe:2.3:a:advantech:webaccess_hmi_designer:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:advantech:webaccess_hmi_designer:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Advantech (`fedf766b-bee1-5692-bcc7-1aa8d9dc594c`)
Product	Webaccess Hmi Designer (`b6db1971-58bd-54f7-b86c-dacb4fa82dbc`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-42706`	vulnerable	2026-06-03 14:45:27.400299	AzeoTech DAQFactory HIGH (7.8) This vulnerability could allow an attacker to disclose information and execute arbitrary code on affected installations of WebAccess/MHI Designer Published: 2021-11-15T14:00:15.754Z Updated: 2024-09-16T20:57:40.667Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-21-173-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-42703`	vulnerable	2026-06-03 14:45:27.397245	AzeoTech DAQFactory MEDIUM (5.4) This vulnerability could allow an attacker to send malicious Javascript code resulting in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage, and performing unintended browser action. Published: 2021-11-15T14:03:50.578Z Updated: 2024-09-17T00:22:02.697Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-21-173-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-10961`	vulnerable	2026-06-03 14:39:25.175315	Details available In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution. Published: 2019-08-02T16:06:09.000Z Updated: 2024-08-04T22:40:15.551Z Open on db.gcve.eu Reference links https://www.us-cert.gov/ics/advisories/icsa-19-213-01 https://www.zerodayinitiative.com/advisories/ZDI-19-691/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-8837`	vulnerable	2026-06-03 14:39:09.416106	Details available Processing specially crafted .pm3 files in Advantech WebAccess HMI Designer 2.1.7.32 and prior may cause the system to write outside the intended buffer area and may allow remote code execution. Published: 2018-04-25T23:00:00.000Z Updated: 2024-09-16T23:25:22.794Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/103972 https://ics-cert.us-cert.gov/advisories/ICSA-18-114-03	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-8835`	vulnerable	2026-06-03 14:39:09.404240	Details available Double free vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution. Published: 2018-04-25T23:00:00.000Z Updated: 2024-09-17T00:52:16.770Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/103972 https://ics-cert.us-cert.gov/advisories/ICSA-18-114-03	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-8833`	vulnerable	2026-06-03 14:39:09.403365	Details available Heap-based buffer overflow vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution. Published: 2018-04-25T23:00:00.000Z Updated: 2024-09-17T00:52:16.210Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/103972 https://ics-cert.us-cert.gov/advisories/ICSA-18-114-03	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.