Advantech WebAccess HMI Designer, Versions 184.108.40.206 and prior. A double free vulnerability caused by processing specially crafted project files may allow remote code execution, disclosure/modification of information, or cause the application to crash.
Weakness: Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.
This section is open source, for any additional information that enhances or clarifies the official advisory above.
Exploits for CVE-2020-16217 are not publicly available.