Advantech WebAccess webvrpcs viewdll1 VdBroadWinGetLocalDataLogEx Buffer Overflow Exploit

The specific flaw exists within the implementation of the 0x13C80 IOCTL in the BwOpcTool subsystem in VdBroadWinGetLocalDataLogEx. When parsing the NamedObject structure, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length buffer.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2018-8845
Released Date: 
Wednesday, June 6, 2018 - 19:00