← Back to home
ICSA-14-324-01  ·  Published 2025-06-06  ·  View on CISA ICS-CERT ↗

Advantech WebAccess Stack-based Buffer Overflow

CVSS 7.2 HIGH

CVEs (1)

Remediations

  • Advantech has created a new version (8.0) to mitigate this vulnerability. Users may download the patch from the following location at Advantech’s web site: (http://webaccess.advantech.com/downloads_software.php)
  • For additional information about WebAccess, please visit the following Advantech web site: (http://webaccess.advantech.com/)
  • Core Security recommends that if users upgrade to WebAccess 8.0, they must also delete the vulnerable “webeye.ocx” from their system, or uninstall the previous version before installing WebAccess 8.0. It recommends that users avoid opening untrusted .html files. Core Security also recommends the use of third-party software to help prevent the exploitation of affected systems.

Affected Vendors

Advantech

Affected Products (1)

Advantech · WebAccess <=7.2

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more