CVE-2019-16900
Description
Advantech WebAccess/HMI Designer 2.1.9.31 has a User Mode Write AV starting at MSVCR90!memcpy+0x000000000000015c.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Advantech WebAccess/HMI Designer 2.1.9.31 has a user-mode write access violation in MSVCR90!memcpy, potentially leading to denial of service or code execution.
Vulnerability
Advantech WebAccess/HMI Designer version 2.1.9.31 contains a user-mode write access violation in the memcpy function of MSVCR90.dll at offset 0x15c. The crash occurs when the application processes malformed data, likely from a specially crafted project file or network input. The vulnerability was identified through fuzzing [1].
Exploitation
An attacker can trigger the vulnerability by convincing a user to open a malicious file (e.g., via email or download) with the HMI Designer application. No authentication is required. The crash results from a write to an invalid memory address; if the attacker can control that address, the result could be an arbitrary write.
Impact
Successful exploitation could cause a denial of service (application crash) or, if the write destination is controlled, arbitrary code execution in the context of the current user. The exact impact depends on memory layout and exploitability.
Mitigation
As of the publication date (2019-09-26), no official patch or advisory from Advantech had been released. Users should avoid opening untrusted files and consider restricting execution of the HMI Designer application. Monitor Advantech's support portal for future updates.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Advantech/WebAccess/HMI Designer (description)
- Range: = 2.1.9.31
Patches
No patches discovered yet.
References
- [1] code610.blogspot.com/2019/09/crashing-webaccesshmi-designer-21931.html (mitre, x_refsource_MISC)