Remote Code Execution via Specially Crafted .pm3 Files in Advantech WebAccess HMI Designer 2.1.7.32 and Prior

Remote Code Execution via Specially Crafted .pm3 Files in Advantech WebAccess HMI Designer 2.1.7.32 and Prior

CVE-2018-8837 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Processing specially crafted .pm3 files in Advantech WebAccess HMI Designer 2.1.7.32 and prior may cause the system to write outside the intended buffer area and may allow remote code execution.

Learn more about our Web App Pen Testing.