{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-29T23:32:19.282","vulnerabilities":[{"cve":{"id":"CVE-2020-16215","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2020-08-06T19:15:13.817","lastModified":"2026-06-17T02:57:52.407","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause a stack-based buffer overflow, which may allow remote code execution, disclosure/modification of information, or cause the application to crash."},{"lang":"es","value":"Advantech WebAccess HMI Designer, versiones 2.1.9.31 y anteriores. El procesamiento de archivos de proyecto especialmente diseñados carecen de una comprobación apropiada de los datos proporcionados por un usuario puede causar un desbordamiento del búfer en la región stack de la memoria, lo que puede permitir una ejecución de código remota, divulgación y modificación de información o causar que la aplicación se bloquee"}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"n/a","product":"Advantech WebAccess HMI Designer","versions":[{"version":"Versions 2.1.9.31 and prior","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:advantech:webaccess\\/hmi_designer:*:*:*:*:*:*:*:*","versionEndIncluding":"2.1.9.31","matchCriteriaId":"B10BE31F-862E-4C94-A25A-D8F86CE09C9F"}]}]}],"references":[{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-219-02","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-20-953/","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-219-02","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-20-953/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}