CVE-2019-16901

Vulnerability

Advantech WebAccess/HMI Designer version 2.1.9.31 (and possibly earlier versions) contains an exception handler chain corruption vulnerability. The issue manifests as a crash starting at ntdll!RtlRaiseStatus+0x00000000000000b4 with an unknown symbol at address 0x0000000000000000. The crash is triggered via fuzzing, indicating that the application does not properly handle malformed input, leading to corruption of the exception handling structures. The affected version is explicitly 2.1.9.31 as tested in the reference [1].

Exploitation

An attacker with local access to the system where WebAccess/HMI Designer is installed can cause the application to crash by providing specially crafted input (e.g., via a malformed project file or network data). The fuzzing approach in the reference [1] suggests that the vulnerability is reachable through the UI or file parsing functionality. No authentication or special privileges are required beyond the ability to interact with the application. The attack does not require user interaction beyond opening the malformed file or data.

Impact

Successful exploitation leads to a denial-of-service condition as the application crashes. The provided details do not indicate arbitrary code execution or privilege escalation. The crash is reproducible and results in an application termination, potentially causing loss of unsaved work and disruption of service.

Mitigation

As of the publication date (2019-09-26), no official patch or fixed version has been released. The vendor (Advantech) may have provided an update in a later version beyond 2.1.9.31. Users should check for the latest version of WebAccess/HMI Designer and apply any available updates. Until a fix is available, avoid opening untrusted files or data in the application to reduce the risk of exploitation.