Advantech WebAccess HMI Designer
Plan Patch · 7.8 · ICS-CERT ICSA-19-213-01 · Aug 1, 2019
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
A buffer overflow vulnerability in Advantech WebAccess HMI Designer versions 2.1.9.23 and earlier allows arbitrary code execution if a user opens a specially crafted file or follows a malicious link. The vulnerability is triggered through user interaction and requires local access or social engineering. It affects the HMI Designer application running on engineering workstations used to configure and manage control system interfaces.
What this means
What could happen
An attacker with local access to a machine running WebAccess HMI Designer could execute arbitrary code on that system, potentially compromising HMI configuration files or the engineering workstation itself.
Who's at risk
This vulnerability affects organizations in manufacturing and other sectors that use Advantech WebAccess HMI Designer for creating and managing human-machine interface (HMI) applications. Engineering staff and workstations responsible for designing or modifying control system interfaces are at risk if they interact with malicious files.
How it could be exploited
An attacker would need to trick a user into opening a malicious file or clicking a link while the user is logged into a workstation with WebAccess HMI Designer installed. The vulnerability is triggered through user interaction (e.g., opening a crafted project file or email attachment), not remotely over the network.
Prerequisites
- Local or physical access to the engineering workstation
- User interaction required (opening a file or clicking a link)
- WebAccess HMI Designer version 2.1.9.23 or earlier installed
- Requires user interaction
- Local exploitation only
- No public exploits known
- Affects engineering workstations
- Could lead to HMI manipulation
Exploitability
Low exploit probability (EPSS 0.8%)
Affected products (1)
Product: WebAccess HMI Designer
Affected Versions: ≤ 2.1.9.23
Fix Status: 2.1.9.31
Remediation & Mitigation
Do now
- HARDENING: Train users not to open unsolicited email attachments or click untrusted links, especially from unknown senders
Schedule (requires maintenance window)
Patching may require device reboot; plan for process interruption.
- HOTFIX: Upgrade WebAccess HMI Designer to version 2.1.9.31 or later
- HARDENING: Restrict access to engineering workstations to authorized personnel only
Long-term hardening
- HARDENING: Implement email filtering and content inspection to block suspicious attachments and links
CVEs (1)