US-CERT Iconics advisory
In the recent weeks Iconics has seen an upswing in the amount of vulnerabilities being discovered in their software, which now includes a WebHMI ActiveX Stack overflow. Although requiring some moderate social engineering to commit the attack, the US-CERT released a warning surrounding the vulnerability.
Comparably quick to respond, version 9.22 of the software was released which now prevents against this vulnerability.
More details on the attack can be found here.