Advantech WebAccess HMI Designer, Versions 220.127.116.11 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by opening specially crafted project files that may overflow the heap, which may allow remote code execution, disclosure/modification of information, or cause the application to crash.
Weakness: Out-of-bounds Write
The software writes data past the end, or before the beginning, of the intended buffer.
This section is open source, for any additional information that enhances or clarifies the official advisory above.
Exploits for CVE-2020-16207 are not publicly available.