{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T21:30:19.209","vulnerabilities":[{"cve":{"id":"CVE-2020-16229","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2020-08-06T19:15:13.987","lastModified":"2024-11-21T05:06:59.007","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause a type confusion condition, which may allow remote code execution, disclosure/modification of information, or cause the application to crash."},{"lang":"es","value":"Advantech WebAccess HMI Designer, versiones 2.1.9.31 y anteriores. El procesamiento de archivos de proyecto especialmente diseñados carecen de comprobación apropiada de los datos proporcionados por un usuario puede causar una condición de confusión de tipo, lo que puede permitir una ejecución de código remota, divulgación y modificación de información o causar que la aplicación se bloquee"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-843"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-843"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:advantech:webaccess\\/hmi_designer:*:*:*:*:*:*:*:*","versionEndIncluding":"2.1.9.31","matchCriteriaId":"B10BE31F-862E-4C94-A25A-D8F86CE09C9F"}]}]}],"references":[{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-219-02","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-20-954/","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-219-02","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-20-954/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}