Unrated severityNVD Advisory· Published Apr 12, 2014· Updated May 6, 2026

CVE-2014-0767

Description

An attacker may exploit this vulnerability by passing an overly long value from the AccessCode argument to the control. This will overflow the static stack buffer. The attacker may then execute code on the target device remotely.

Affected products

Advantech/Advantech Webaccess4 versions
cpe:2.3:a:advantech:advantech_webaccess:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:advantech:advantech_webaccess:*:*:*:*:*:*:*:*range: <=7.1
- cpe:2.3:a:advantech:advantech_webaccess:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:advantech:advantech_webaccess:7.0:*:*:*:*:*:*:*
Advantech/WebAccessv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ics-cert.us-cert.gov/advisories/ICSA-14-079-03nvdThird Party AdvisoryUS Government Resource
webaccess.advantech.comnvd
www.securityfocus.com/bid/66728nvd
www.securityfocus.com/bid/66740nvd
www.cisa.gov/news-events/ics-advisories/icsa-14-079-03nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000