CVEs-PoC/2020/CVE-2020-16207.md

### [CVE-2020-16207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16207)
![](https://img.shields.io/static/v1?label=Product&message=Advantech%20WebAccess%20HMI%20Designer&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=HEAP-BASED%20BUFFER%20OVERFLOW%20CWE-122&color=brighgreen)

### Description

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by opening specially crafted project files that may overflow the heap, which may allow remote code execution, disclosure/modification of information, or cause the application to crash.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/Live-Hack-CVE/CVE-2020-16207