Vulnerabilites related to Advantech - WebAccess/SCADA
cve-2019-6554
Vulnerability from cvelistv5
Published
2019-04-05 18:15
Modified
2024-08-04 20:23
Severity ?
EPSS score ?
Summary
Advantech WebAccess/SCADA, Versions 8.3.5 and prior. An improper access control vulnerability may allow an attacker to cause a denial-of-service condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/SCADA |
Version: Versions 8.3.5 and prior. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:23:21.684Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "WebAccess/SCADA", vendor: "Advantech", versions: [ { status: "affected", version: "Versions 8.3.5 and prior.", }, ], }, ], datePublic: "2019-04-02T00:00:00", descriptions: [ { lang: "en", value: "Advantech WebAccess/SCADA, Versions 8.3.5 and prior. An improper access control vulnerability may allow an attacker to cause a denial-of-service condition.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "IMPROPER ACCESS CONTROL CWE-284", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-05T18:15:35", orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", shortName: "icscert", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "ics-cert@hq.dhs.gov", ID: "CVE-2019-6554", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "WebAccess/SCADA", version: { version_data: [ { version_value: "Versions 8.3.5 and prior.", }, ], }, }, ], }, vendor_name: "Advantech", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Advantech WebAccess/SCADA, Versions 8.3.5 and prior. An improper access control vulnerability may allow an attacker to cause a denial-of-service condition.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "IMPROPER ACCESS CONTROL CWE-284", }, ], }, ], }, references: { reference_data: [ { name: "https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01", refsource: "MISC", url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", assignerShortName: "icscert", cveId: "CVE-2019-6554", datePublished: "2019-04-05T18:15:35", dateReserved: "2019-01-22T00:00:00", dateUpdated: "2024-08-04T20:23:21.684Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32628
Vulnerability from cvelistv5
Published
2023-06-05 23:14
Modified
2025-01-08 14:22
Severity ?
EPSS score ?
Summary
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to modify the file extension of a certificate file to ASP when uploading it, which can lead to remote code execution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/SCADA |
Version: 0 < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:25:36.755Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-01", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-32628", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-08T14:22:24.832377Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-08T14:22:34.205Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "WebAccess/SCADA", vendor: "Advantech", versions: [ { lessThanOrEqual: "v9.1.3", status: "affected", version: "0", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "YangLiu from Elex Feigong Research Institute reported these vulnerabilities to CISA.", }, ], datePublic: "2023-06-01T17:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to modify the file extension of a certificate file to ASP when uploading it, which can lead to remote code execution.</span>\n\n</span>\n\n</span>\n\n", }, ], value: "\n\n\n\n\nIn Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to modify the file extension of a certificate file to ASP when uploading it, which can lead to remote code execution.\n\n\n\n\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-434", description: "CWE-434 Unrestricted Upload of File with Dangerous Type", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-05T23:14:00.388Z", orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", shortName: "icscert", }, references: [ { url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-01", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Advantech recommends WebAccess/SCADA users upgrade to </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.advantech.com/en/support/details/installation?id=1-MS9MJV\">v9.1.4</a><span style=\"background-color: rgb(255, 255, 255);\">. </span>\n\n<br>", }, ], value: "\nAdvantech recommends WebAccess/SCADA users upgrade to v9.1.4 https://www.advantech.com/en/support/details/installation . \n\n\n", }, ], source: { advisory: "ICSA-23-152-01", discovery: "EXTERNAL", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", assignerShortName: "icscert", cveId: "CVE-2023-32628", datePublished: "2023-06-05T23:14:00.388Z", dateReserved: "2023-05-22T18:07:54.479Z", dateUpdated: "2025-01-08T14:22:34.205Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-1437
Vulnerability from cvelistv5
Published
2023-08-02 22:30
Modified
2024-08-02 05:49
Severity ?
EPSS score ?
Summary
All versions prior to 9.1.4 of Advantech WebAccess/SCADA are vulnerable to use of untrusted pointers. The RPC arguments the client sent could contain raw memory pointers for the server to use as-is. This could allow an attacker to gain access to the remote file system and the ability to execute commands and overwrite files.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/SCADA |
Version: 0 < 9.1.4 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T05:49:11.643Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "WebAccess/SCADA", vendor: "Advantech", versions: [ { lessThan: "9.1.4", status: "affected", version: "0", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Florent Saudel", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>All versions prior to 9.1.4 of Advantech WebAccess/SCADA are vulnerable to use of untrusted pointers. The RPC arguments the client sent could contain raw memory pointers for the server to use as-is. This could allow an attacker to gain access to the remote file system and the ability to execute commands and overwrite files.</p>", }, ], value: "All versions prior to 9.1.4 of Advantech WebAccess/SCADA are vulnerable to use of untrusted pointers. The RPC arguments the client sent could contain raw memory pointers for the server to use as-is. This could allow an attacker to gain access to the remote file system and the ability to execute commands and overwrite files.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-822", description: "CWE-822 Untrusted Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-11T14:34:24.399Z", orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", shortName: "icscert", }, references: [ { url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-02", }, ], source: { discovery: "UNKNOWN", }, title: "CVE-2023-1437", x_generator: { engine: "VINCE 2.1.3", env: "prod", origin: "https://cveawg.mitre.org/api/cve/CVE-2023-1437", }, }, }, cveMetadata: { assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", assignerShortName: "icscert", cveId: "CVE-2023-1437", datePublished: "2023-08-02T22:30:43.978Z", dateReserved: "2023-03-16T22:01:32.632Z", dateUpdated: "2024-08-02T05:49:11.643Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-3975
Vulnerability from cvelistv5
Published
2019-09-10 15:55
Modified
2024-08-04 19:26
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.1 allows a remote, unauthenticated attacker to execute arbitrary code via a crafted IOCTL 70603 RPC message.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.tenable.com/security/research/tra-2019-41 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/SCADA |
Version: 8.4.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:26:27.639Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.tenable.com/security/research/tra-2019-41", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "WebAccess/SCADA", vendor: "Advantech", versions: [ { status: "affected", version: "8.4.1", }, ], }, ], descriptions: [ { lang: "en", value: "Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.1 allows a remote, unauthenticated attacker to execute arbitrary code via a crafted IOCTL 70603 RPC message.", }, ], problemTypes: [ { descriptions: [ { description: "Unauthenticated Remote Stack Buffer Overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-09-10T15:55:33", orgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", shortName: "tenable", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.tenable.com/security/research/tra-2019-41", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "vulnreport@tenable.com", ID: "CVE-2019-3975", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "WebAccess/SCADA", version: { version_data: [ { version_value: "8.4.1", }, ], }, }, ], }, vendor_name: "Advantech", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.1 allows a remote, unauthenticated attacker to execute arbitrary code via a crafted IOCTL 70603 RPC message.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Unauthenticated Remote Stack Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://www.tenable.com/security/research/tra-2019-41", refsource: "MISC", url: "https://www.tenable.com/security/research/tra-2019-41", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", assignerShortName: "tenable", cveId: "CVE-2019-3975", datePublished: "2019-09-10T15:55:33", dateReserved: "2019-01-03T00:00:00", dateUpdated: "2024-08-04T19:26:27.639Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-2453
Vulnerability from cvelistv5
Published
2024-03-21 22:39
Modified
2024-08-01 19:11
Severity ?
EPSS score ?
Summary
There is an SQL injection vulnerability in Advantech WebAccess/SCADA software that allows an authenticated attacker to remotely inject SQL code in the database. Successful exploitation of this vulnerability could allow an attacker to read or modify data on the remote database.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.cisa.gov/news-events/ics-advisories/icsa-24-081-01 | government-resource |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/SCADA |
Version: 9.1.5U |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-2453", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-08T15:03:48.290308Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-08T19:52:58.826Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T19:11:53.526Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "government-resource", "x_transferred", ], url: "https://www.cisa.gov/news-events/ics-advisories/icsa-24-081-01", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "WebAccess/SCADA", vendor: "Advantech", versions: [ { status: "affected", version: "9.1.5U", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "CISA discovered a public proof of concept as authored by Prześlij Komentarz and reported it to Advantech.", }, ], datePublic: "2024-03-21T21:23:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<span style=\"background-color: rgb(255, 255, 255);\">There is an SQL injection vulnerability in Advantech WebAccess/SCADA software that allows an authenticated attacker to remotely inject SQL code in the database. Successful exploitation of this vulnerability could allow an attacker to read or modify data on the remote database.</span>\n\n", }, ], value: "\nThere is an SQL injection vulnerability in Advantech WebAccess/SCADA software that allows an authenticated attacker to remotely inject SQL code in the database. Successful exploitation of this vulnerability could allow an attacker to read or modify data on the remote database.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-89", description: "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-03-21T22:39:38.185Z", orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", shortName: "icscert", }, references: [ { tags: [ "government-resource", ], url: "https://www.cisa.gov/news-events/ics-advisories/icsa-24-081-01", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Advantech recommends updating WebAccess/SCADA to version 9.1.6 or higher to mitigate this vulnerability.</span>\n\n<br>", }, ], value: "\nAdvantech recommends updating WebAccess/SCADA to version 9.1.6 or higher to mitigate this vulnerability.\n\n", }, ], source: { advisory: "ICSA-24-081-01", discovery: "EXTERNAL", }, title: "Advantech WebAccess/SCADA SQL Injection", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", assignerShortName: "icscert", cveId: "CVE-2024-2453", datePublished: "2024-03-21T22:39:15.488Z", dateReserved: "2024-03-14T15:12:14.027Z", dateUpdated: "2024-08-01T19:11:53.526Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-6550
Vulnerability from cvelistv5
Published
2019-04-05 18:09
Modified
2024-08-04 20:23
Severity ?
EPSS score ?
Summary
Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow vulnerabilities, caused by a lack of proper validation of the length of user-supplied data, may allow remote code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01 | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-19-585/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/SCADA |
Version: Versions 8.3.5 and prior. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:23:21.543Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-19-585/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "WebAccess/SCADA", vendor: "Advantech", versions: [ { status: "affected", version: "Versions 8.3.5 and prior.", }, ], }, ], datePublic: "2019-04-02T00:00:00", descriptions: [ { lang: "en", value: "Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow vulnerabilities, caused by a lack of proper validation of the length of user-supplied data, may allow remote code execution.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "STACK-BASED BUFFER OVERFLOW CWE-121", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-07-02T16:06:07", orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", shortName: "icscert", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-19-585/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "ics-cert@hq.dhs.gov", ID: "CVE-2019-6550", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "WebAccess/SCADA", version: { version_data: [ { version_value: "Versions 8.3.5 and prior.", }, ], }, }, ], }, vendor_name: "Advantech", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow vulnerabilities, caused by a lack of proper validation of the length of user-supplied data, may allow remote code execution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "STACK-BASED BUFFER OVERFLOW CWE-121", }, ], }, ], }, references: { reference_data: [ { name: "https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01", refsource: "MISC", url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-19-585/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-19-585/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", assignerShortName: "icscert", cveId: "CVE-2019-6550", datePublished: "2019-04-05T18:09:34", dateReserved: "2019-01-22T00:00:00", dateUpdated: "2024-08-04T20:23:21.543Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-6552
Vulnerability from cvelistv5
Published
2019-04-05 18:02
Modified
2024-08-04 20:23
Severity ?
EPSS score ?
Summary
Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple command injection vulnerabilities, caused by a lack of proper validation of user-supplied data, may allow remote code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/SCADA |
Version: Versions 8.3.5 and prior. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:23:22.066Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "WebAccess/SCADA", vendor: "Advantech", versions: [ { status: "affected", version: "Versions 8.3.5 and prior.", }, ], }, ], datePublic: "2019-04-02T00:00:00", descriptions: [ { lang: "en", value: "Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple command injection vulnerabilities, caused by a lack of proper validation of user-supplied data, may allow remote code execution.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-05T18:02:39", orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", shortName: "icscert", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "ics-cert@hq.dhs.gov", ID: "CVE-2019-6552", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "WebAccess/SCADA", version: { version_data: [ { version_value: "Versions 8.3.5 and prior.", }, ], }, }, ], }, vendor_name: "Advantech", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple command injection vulnerabilities, caused by a lack of proper validation of user-supplied data, may allow remote code execution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01", refsource: "MISC", url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", assignerShortName: "icscert", cveId: "CVE-2019-6552", datePublished: "2019-04-05T18:02:39", dateReserved: "2019-01-22T00:00:00", dateUpdated: "2024-08-04T20:23:22.066Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22450
Vulnerability from cvelistv5
Published
2023-06-05 23:17
Modified
2025-01-08 14:21
Severity ?
EPSS score ?
Summary
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to upload an ASP script file to a webserver when logged in as manager user, which can lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/SCADA |
Version: 0 < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:13:48.320Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-01", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22450", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-08T14:21:03.532091Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-08T14:21:41.605Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "WebAccess/SCADA", vendor: "Advantech", versions: [ { lessThanOrEqual: "v9.1.3", status: "affected", version: "0", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "YangLiu from Elex Feigong Research Institute reported these vulnerabilities to CISA.", }, ], datePublic: "2023-06-01T17:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to upload an ASP script file to a webserver when logged in as manager user, which can lead to arbitrary code execution.</span>\n\n</span>\n\n", }, ], value: "\n\n\nIn Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to upload an ASP script file to a webserver when logged in as manager user, which can lead to arbitrary code execution.\n\n\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-434", description: "CWE-434 Unrestricted Upload of File with Dangerous Type", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-05T23:17:47.003Z", orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", shortName: "icscert", }, references: [ { url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-01", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Advantech recommends WebAccess/SCADA users upgrade to </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.advantech.com/en/support/details/installation?id=1-MS9MJV\">v9.1.4</a><span style=\"background-color: rgb(255, 255, 255);\">. </span>\n\n<br>", }, ], value: "\nAdvantech recommends WebAccess/SCADA users upgrade to v9.1.4 https://www.advantech.com/en/support/details/installation . \n\n\n", }, ], source: { advisory: "ICSA-23-152-01", discovery: "EXTERNAL", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", assignerShortName: "icscert", cveId: "CVE-2023-22450", datePublished: "2023-06-05T23:17:47.003Z", dateReserved: "2023-05-22T18:07:54.484Z", dateUpdated: "2025-01-08T14:21:41.605Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32540
Vulnerability from cvelistv5
Published
2023-06-05 23:16
Modified
2025-01-08 14:22
Severity ?
EPSS score ?
Summary
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the operating system (including system files), inject code into an XLS file, and modify the file extension, which could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/SCADA |
Version: 0 < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:18:37.624Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-01", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-32540", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-08T14:22:05.299928Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-08T14:22:14.896Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "WebAccess/SCADA", vendor: "Advantech", versions: [ { lessThanOrEqual: "v9.1.3", status: "affected", version: "0", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "YangLiu from Elex Feigong Research Institute reported these vulnerabilities to CISA.", }, ], datePublic: "2023-06-01T17:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<span style=\"background-color: rgb(255, 255, 255);\">In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the operating system (including system files), inject code into an XLS file, and modify the file extension, which could lead to arbitrary code execution.</span>\n\n", }, ], value: "\nIn Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the operating system (including system files), inject code into an XLS file, and modify the file extension, which could lead to arbitrary code execution.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-94", description: "CWE-94 Improper Control of Generation of Code ('Code Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-05T23:16:28.045Z", orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", shortName: "icscert", }, references: [ { url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-01", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Advantech recommends WebAccess/SCADA users upgrade to </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.advantech.com/en/support/details/installation?id=1-MS9MJV\">v9.1.4</a><span style=\"background-color: rgb(255, 255, 255);\">. </span>\n\n<br>", }, ], value: "\nAdvantech recommends WebAccess/SCADA users upgrade to v9.1.4 https://www.advantech.com/en/support/details/installation . \n\n\n", }, ], source: { advisory: "ICSA-23-152-01", discovery: "EXTERNAL", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", assignerShortName: "icscert", cveId: "CVE-2023-32540", datePublished: "2023-06-05T23:16:28.045Z", dateReserved: "2023-05-22T18:07:54.491Z", dateUpdated: "2025-01-08T14:22:14.896Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-2866
Vulnerability from cvelistv5
Published
2023-06-07 20:12
Modified
2025-01-16 21:32
Severity ?
EPSS score ?
Summary
If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Advantech | WebAccess/SCADA |
Version: 8.4.5 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T06:33:06.094Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-150-01", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-2866", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-16T21:20:42.928189Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-16T21:32:10.686Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "WebAccess/SCADA", vendor: "Advantech", versions: [ { status: "affected", version: "8.4.5", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Marlon Luis Petry reported this vulnerability to CISA.", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<span style=\"background-color: rgb(255, 255, 255);\">If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server. </span>\n\n", }, ], value: "\nIf an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server. \n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-351", description: "CWE-351 Insufficient Type Distinction", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-07T20:12:46.824Z", orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", shortName: "icscert", }, references: [ { url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-150-01", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Advantech released a new </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.advantech.com/en/support/details/installation?id=1-MS9MJV\">version V9.1.4</a><span style=\"background-color: rgb(255, 255, 255);\"> to address the problem by not including these files.</span>\n\n<br>", }, ], value: "\nAdvantech released a new version V9.1.4 https://www.advantech.com/en/support/details/installation to address the problem by not including these files.\n\n\n", }, ], source: { discovery: "EXTERNAL", }, title: "Advantech WebAccess Insufficient Type Distinction", workarounds: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n<p>Advantech recommends users locate and delete the “WADashboardSetup.msi” file to avoid this issue.</p><p>If\n users wish to remedy this problem in version 8.4.5, they can uninstall \n\"WebAccess Dashboard\" from the control panel. Delete all the files:</p><p>\\Inetpub\\wwwroot\\broadweb\\WADashboard</p><p>\\WebAccess\\Node\\WADashboardSetup.msi</p>\n\n<br>", }, ], value: "Advantech recommends users locate and delete the “WADashboardSetup.msi” file to avoid this issue.\n\nIf\n users wish to remedy this problem in version 8.4.5, they can uninstall \n\"WebAccess Dashboard\" from the control panel. Delete all the files:\n\n\\Inetpub\\wwwroot\\broadweb\\WADashboard\n\n\\WebAccess\\Node\\WADashboardSetup.msi\n\n\n\n\n", }, ], x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", assignerShortName: "icscert", cveId: "CVE-2023-2866", datePublished: "2023-06-07T20:12:46.824Z", dateReserved: "2023-05-24T14:09:39.667Z", dateUpdated: "2025-01-16T21:32:10.686Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
var-201801-1493
Vulnerability from variot
A SQL Injection issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. WebAccess/SCADA does not properly sanitize its inputs for SQL commands. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of the user parameter in chkLogin2.asp. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose sensitive information under the context of the database. Advantech WebAccess is a browser-based human interface HMI software package, as well as monitoring and data acquisition SCADA. Advantech WebAccess/SCADA is a browser-based SCADA software developed by Advantech. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess node", scope: null, trust: 1.4, vendor: "advantech", version: null, }, { _id: null, model: "webaccess\\/scada", scope: "lt", trust: 1, vendor: "advantech", version: "8.2_20170817", }, { _id: null, model: "webaccess/scada", scope: "lt", trust: 0.8, vendor: "advantech", version: "8.2_20170817", }, { _id: null, model: "webaccess/scada <v8.2 20170817", scope: null, trust: 0.6, vendor: "advantech", version: null, }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.1", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.0", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "7.2", }, { _id: null, model: "webaccess/scada", scope: "ne", trust: 0.3, vendor: "advantech", version: "8.3", }, { _id: null, model: null, scope: "eq", trust: 0.2, vendor: "webaccess scada", version: "*", }, ], sources: [ { db: "IVD", id: "e2e2b550-39ab-11e9-bb92-000c29342cb1", }, { db: "ZDI", id: "ZDI-18-144", }, { db: "ZDI", id: "ZDI-18-143", }, { db: "CNVD", id: "CNVD-2018-01710", }, { db: "BID", id: "102781", }, { db: "JVNDB", id: "JVNDB-2018-001574", }, { db: "NVD", id: "CVE-2018-5443", }, ], }, configurations: { _id: null, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess%2Fscada", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2018-001574", }, ], }, credits: { _id: null, data: "rgod", sources: [ { db: "ZDI", id: "ZDI-18-144", }, { db: "ZDI", id: "ZDI-18-143", }, ], trust: 1.4, }, cve: "CVE-2018-5443", cvss: { _id: null, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2018-5443", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 3.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2018-01710", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "e2e2b550-39ab-11e9-bb92-000c29342cb1", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-135474", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 3.9, id: "CVE-2018-5443", impactScore: 1.4, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, ], severity: [ { author: "ZDI", id: "CVE-2018-5443", trust: 1.4, value: "MEDIUM", }, { author: "nvd@nist.gov", id: "CVE-2018-5443", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2018-5443", trust: 0.8, value: "Medium", }, { author: "CNVD", id: "CNVD-2018-01710", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201801-959", trust: 0.6, value: "MEDIUM", }, { author: "IVD", id: "e2e2b550-39ab-11e9-bb92-000c29342cb1", trust: 0.2, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-135474", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "e2e2b550-39ab-11e9-bb92-000c29342cb1", }, { db: "ZDI", id: "ZDI-18-144", }, { db: "ZDI", id: "ZDI-18-143", }, { db: "CNVD", id: "CNVD-2018-01710", }, { db: "VULHUB", id: "VHN-135474", }, { db: "JVNDB", id: "JVNDB-2018-001574", }, { db: "CNNVD", id: "CNNVD-201801-959", }, { db: "NVD", id: "CVE-2018-5443", }, ], }, description: { _id: null, data: "A SQL Injection issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. WebAccess/SCADA does not properly sanitize its inputs for SQL commands. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of the user parameter in chkLogin2.asp. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose sensitive information under the context of the database. Advantech WebAccess is a browser-based human interface HMI software package, as well as monitoring and data acquisition SCADA. Advantech WebAccess/SCADA is a browser-based SCADA software developed by Advantech. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment", sources: [ { db: "NVD", id: "CVE-2018-5443", }, { db: "JVNDB", id: "JVNDB-2018-001574", }, { db: "ZDI", id: "ZDI-18-144", }, { db: "ZDI", id: "ZDI-18-143", }, { db: "CNVD", id: "CNVD-2018-01710", }, { db: "BID", id: "102781", }, { db: "IVD", id: "e2e2b550-39ab-11e9-bb92-000c29342cb1", }, { db: "VULHUB", id: "VHN-135474", }, ], trust: 3.96, }, external_ids: { _id: null, data: [ { db: "NVD", id: "CVE-2018-5443", trust: 5, }, { db: "ICS CERT", id: "ICSA-18-023-01", trust: 3.4, }, { db: "BID", id: "102781", trust: 2, }, { db: "CNNVD", id: "CNNVD-201801-959", trust: 0.9, }, { db: "CNVD", id: "CNVD-2018-01710", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2018-001574", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-5503", trust: 0.7, }, { db: "ZDI", id: "ZDI-18-144", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-5502", trust: 0.7, }, { db: "ZDI", id: "ZDI-18-143", trust: 0.7, }, { db: "IVD", id: "E2E2B550-39AB-11E9-BB92-000C29342CB1", trust: 0.2, }, { db: "VULHUB", id: "VHN-135474", trust: 0.1, }, ], sources: [ { db: "IVD", id: "e2e2b550-39ab-11e9-bb92-000c29342cb1", }, { db: "ZDI", id: "ZDI-18-144", }, { db: "ZDI", id: "ZDI-18-143", }, { db: "CNVD", id: "CNVD-2018-01710", }, { db: "VULHUB", id: "VHN-135474", }, { db: "BID", id: "102781", }, { db: "JVNDB", id: "JVNDB-2018-001574", }, { db: "CNNVD", id: "CNNVD-201801-959", }, { db: "NVD", id: "CVE-2018-5443", }, ], }, id: "VAR-201801-1493", iot: { _id: null, data: true, sources: [ { db: "IVD", id: "e2e2b550-39ab-11e9-bb92-000c29342cb1", }, { db: "CNVD", id: "CNVD-2018-01710", }, { db: "VULHUB", id: "VHN-135474", }, ], trust: 1.6679344999999999, }, iot_taxonomy: { _id: null, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "e2e2b550-39ab-11e9-bb92-000c29342cb1", }, { db: "CNVD", id: "CNVD-2018-01710", }, ], }, last_update_date: "2024-11-23T22:34:24.880000Z", patch: { _id: null, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 1.4, url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-023-01", }, { title: "WebAccess/SCADA", trust: 0.8, url: "http://www.advantech.com/industrial-automation/webaccess/webaccessscada", }, { title: "Patch for Advantech WebAccess/SCADA SQL Injection Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/114217", }, { title: "Advantech WebAccess/SCADA SQL Repair measures for injecting vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78083", }, ], sources: [ { db: "ZDI", id: "ZDI-18-144", }, { db: "ZDI", id: "ZDI-18-143", }, { db: "CNVD", id: "CNVD-2018-01710", }, { db: "JVNDB", id: "JVNDB-2018-001574", }, { db: "CNNVD", id: "CNNVD-201801-959", }, ], }, problemtype_data: { _id: null, data: [ { problemtype: "CWE-89", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-135474", }, { db: "JVNDB", id: "JVNDB-2018-001574", }, { db: "NVD", id: "CVE-2018-5443", }, ], }, references: { _id: null, data: [ { trust: 4.2, url: "https://ics-cert.us-cert.gov/advisories/icsa-18-023-01", }, { trust: 1.7, url: "http://www.securityfocus.com/bid/102781", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5443", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2018-5443", }, { trust: 0.6, url: "https://www.proxyit.cc/advisories/icsa-18-023-01", }, { trust: 0.3, url: "http://www.advantech.in/", }, { trust: 0.3, url: "http://www.advantech.com/industrial-automation/webaccess/webaccessscada", }, ], sources: [ { db: "ZDI", id: "ZDI-18-144", }, { db: "ZDI", id: "ZDI-18-143", }, { db: "CNVD", id: "CNVD-2018-01710", }, { db: "VULHUB", id: "VHN-135474", }, { db: "BID", id: "102781", }, { db: "JVNDB", id: "JVNDB-2018-001574", }, { db: "CNNVD", id: "CNNVD-201801-959", }, { db: "NVD", id: "CVE-2018-5443", }, ], }, sources: { _id: null, data: [ { db: "IVD", id: "e2e2b550-39ab-11e9-bb92-000c29342cb1", ident: null, }, { db: "ZDI", id: "ZDI-18-144", ident: null, }, { db: "ZDI", id: "ZDI-18-143", ident: null, }, { db: "CNVD", id: "CNVD-2018-01710", ident: null, }, { db: "VULHUB", id: "VHN-135474", ident: null, }, { db: "BID", id: "102781", ident: null, }, { db: "JVNDB", id: "JVNDB-2018-001574", ident: null, }, { db: "CNNVD", id: "CNNVD-201801-959", ident: null, }, { db: "NVD", id: "CVE-2018-5443", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2018-01-24T00:00:00", db: "IVD", id: "e2e2b550-39ab-11e9-bb92-000c29342cb1", ident: null, }, { date: "2018-02-06T00:00:00", db: "ZDI", id: "ZDI-18-144", ident: null, }, { date: "2018-02-06T00:00:00", db: "ZDI", id: "ZDI-18-143", ident: null, }, { date: "2018-01-24T00:00:00", db: "CNVD", id: "CNVD-2018-01710", ident: null, }, { date: "2018-01-25T00:00:00", db: "VULHUB", id: "VHN-135474", ident: null, }, { date: "2018-01-23T00:00:00", db: "BID", id: "102781", ident: null, }, { date: "2018-02-26T00:00:00", db: "JVNDB", id: "JVNDB-2018-001574", ident: null, }, { date: "2018-01-26T00:00:00", db: "CNNVD", id: "CNNVD-201801-959", ident: null, }, { date: "2018-01-25T03:29:00.320000", db: "NVD", id: "CVE-2018-5443", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2018-02-06T00:00:00", db: "ZDI", id: "ZDI-18-144", ident: null, }, { date: "2018-02-06T00:00:00", db: "ZDI", id: "ZDI-18-143", ident: null, }, { date: "2018-01-24T00:00:00", db: "CNVD", id: "CNVD-2018-01710", ident: null, }, { date: "2019-10-09T00:00:00", db: "VULHUB", id: "VHN-135474", ident: null, }, { date: "2018-01-23T00:00:00", db: "BID", id: "102781", ident: null, }, { date: "2018-02-26T00:00:00", db: "JVNDB", id: "JVNDB-2018-001574", ident: null, }, { date: "2019-10-17T00:00:00", db: "CNNVD", id: "CNNVD-201801-959", ident: null, }, { date: "2024-11-21T04:08:48.940000", db: "NVD", id: "CVE-2018-5443", ident: null, }, ], }, threat_type: { _id: null, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201801-959", }, ], trust: 0.6, }, title: { _id: null, data: "Advantech WebAccess/SCADA SQL Injection Vulnerability", sources: [ { db: "CNVD", id: "CNVD-2018-01710", }, { db: "CNNVD", id: "CNNVD-201801-959", }, ], trust: 1.2, }, type: { _id: null, data: "SQL injection", sources: [ { db: "IVD", id: "e2e2b550-39ab-11e9-bb92-000c29342cb1", }, { db: "CNNVD", id: "CNNVD-201801-959", }, ], trust: 0.8, }, }
var-202102-0022
Vulnerability from variot
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege. Advantech WebAccess/SCADA Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202102-0022", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess\\/scada", scope: "eq", trust: 1, vendor: "advantech", version: "9.0.1", }, { model: "webaccess/scada", scope: "eq", trust: 0.8, vendor: "アドバンテック株式会社", version: "9.0.1", }, { model: "webaccess/scada", scope: "eq", trust: 0.8, vendor: "アドバンテック株式会社", version: null, }, { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.1", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11305", }, { db: "JVNDB", id: "JVNDB-2020-016182", }, { db: "NVD", id: "CVE-2020-13552", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Discovered by Yuri Kramarz of Cisco Talos.", sources: [ { db: "CNNVD", id: "CNNVD-202102-1259", }, ], trust: 0.6, }, cve: "CVE-2020-13552", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "CVE-2020-13552", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1.8, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "CNVD-2021-11305", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "VHN-166342", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:L/AC:L/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "talos-cna@cisco.com", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2, id: "CVE-2020-13552", impactScore: 6, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "LOCAL", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2, id: "CVE-2020-13552", impactScore: 6, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-13552", trust: 1, value: "HIGH", }, { author: "talos-cna@cisco.com", id: "CVE-2020-13552", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2020-13552", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2021-11305", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202102-1259", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-166342", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11305", }, { db: "VULHUB", id: "VHN-166342", }, { db: "JVNDB", id: "JVNDB-2020-016182", }, { db: "CNNVD", id: "CNNVD-202102-1259", }, { db: "NVD", id: "CVE-2020-13552", }, { db: "NVD", id: "CVE-2020-13552", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege. Advantech WebAccess/SCADA Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment", sources: [ { db: "NVD", id: "CVE-2020-13552", }, { db: "JVNDB", id: "JVNDB-2020-016182", }, { db: "CNVD", id: "CNVD-2021-11305", }, { db: "VULHUB", id: "VHN-166342", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "TALOS", id: "TALOS-2020-1169", trust: 3.1, }, { db: "NVD", id: "CVE-2020-13552", trust: 3.1, }, { db: "JVNDB", id: "JVNDB-2020-016182", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-11305", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202102-1259", trust: 0.6, }, { db: "VULHUB", id: "VHN-166342", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11305", }, { db: "VULHUB", id: "VHN-166342", }, { db: "JVNDB", id: "JVNDB-2020-016182", }, { db: "CNNVD", id: "CNNVD-202102-1259", }, { db: "NVD", id: "CVE-2020-13552", }, ], }, id: "VAR-202102-0022", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-11305", }, { db: "VULHUB", id: "VHN-166342", }, ], trust: 1.3586421999999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11305", }, ], }, last_update_date: "2024-11-23T22:40:46.773000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "WebAccess/SCADA", trust: 0.8, url: "https://www.advantech.com/industrial-automation/webaccess/webaccessscada", }, { title: "Advantech WebAccess/SCADA Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142126", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-016182", }, { db: "CNNVD", id: "CNNVD-202102-1259", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-276", trust: 1.1, }, { problemtype: "Improper authority management (CWE-269) [NVD Evaluation ]", trust: 0.8, }, { problemtype: "CWE-269", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-166342", }, { db: "JVNDB", id: "JVNDB-2020-016182", }, { db: "NVD", id: "CVE-2020-13552", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.1, url: "https://talosintelligence.com/vulnerability_reports/talos-2020-1169", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-13552", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11305", }, { db: "VULHUB", id: "VHN-166342", }, { db: "JVNDB", id: "JVNDB-2020-016182", }, { db: "CNNVD", id: "CNNVD-202102-1259", }, { db: "NVD", id: "CVE-2020-13552", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-11305", }, { db: "VULHUB", id: "VHN-166342", }, { db: "JVNDB", id: "JVNDB-2020-016182", }, { db: "CNNVD", id: "CNNVD-202102-1259", }, { db: "NVD", id: "CVE-2020-13552", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-02-22T00:00:00", db: "CNVD", id: "CNVD-2021-11305", }, { date: "2021-02-17T00:00:00", db: "VULHUB", id: "VHN-166342", }, { date: "2021-11-12T00:00:00", db: "JVNDB", id: "JVNDB-2020-016182", }, { date: "2021-02-16T00:00:00", db: "CNNVD", id: "CNNVD-202102-1259", }, { date: "2021-02-17T19:15:12.450000", db: "NVD", id: "CVE-2020-13552", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-02-22T00:00:00", db: "CNVD", id: "CNVD-2021-11305", }, { date: "2022-06-29T00:00:00", db: "VULHUB", id: "VHN-166342", }, { date: "2021-11-12T01:22:00", db: "JVNDB", id: "JVNDB-2020-016182", }, { date: "2022-04-20T00:00:00", db: "CNNVD", id: "CNNVD-202102-1259", }, { date: "2024-11-21T05:01:28.920000", db: "NVD", id: "CVE-2020-13552", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-202102-1259", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA Vulnerability in privilege management", sources: [ { db: "JVNDB", id: "JVNDB-2020-016182", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202102-1259", }, ], trust: 0.6, }, }
var-202005-1246
Vulnerability from variot
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of IOCTL 0x520B in datacore.exe. The issue results from the lack of proper validation of user-supplied data, which can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess/scada", scope: null, trust: 0.7, vendor: "advantech", version: null, }, ], sources: [ { db: "ZDI", id: "ZDI-20-606", }, ], }, credits: { _id: null, data: "Z0mb1E", sources: [ { db: "ZDI", id: "ZDI-20-606", }, ], trust: 0.7, }, cvss: { _id: null, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "ZDI-20-606", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 0.7, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "ZDI", id: "ZDI-20-606", trust: 0.7, value: "CRITICAL", }, ], }, ], sources: [ { db: "ZDI", id: "ZDI-20-606", }, ], }, description: { _id: null, data: "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of IOCTL 0x520B in datacore.exe. The issue results from the lack of proper validation of user-supplied data, which can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.", sources: [ { db: "ZDI", id: "ZDI-20-606", }, ], trust: 0.7, }, external_ids: { _id: null, data: [ { db: "ZDI_CAN", id: "ZDI-CAN-9935", trust: 0.7, }, { db: "ZDI", id: "ZDI-20-606", trust: 0.7, }, ], sources: [ { db: "ZDI", id: "ZDI-20-606", }, ], }, id: "VAR-202005-1246", iot: { _id: null, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.6405517, }, last_update_date: "2022-05-17T01:40:54.071000Z", patch: { _id: null, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, ], sources: [ { db: "ZDI", id: "ZDI-20-606", }, ], }, references: { _id: null, data: [ { trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, ], sources: [ { db: "ZDI", id: "ZDI-20-606", }, ], }, sources: { _id: null, data: [ { db: "ZDI", id: "ZDI-20-606", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-606", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-606", ident: null, }, ], }, title: { _id: null, data: "Advantech WebAccess/SCADA DATACORE IOCTL 0x520B Heap-based Buffer Overflow Remote Code Execution Vulnerability", sources: [ { db: "ZDI", id: "ZDI-20-606", }, ], trust: 0.7, }, }
var-202010-1635
Vulnerability from variot
Advantech WebAccess SCADA is a HMI/SCADA monitoring software based entirely on IE browser.
Advantech (China) Co., Ltd. has a binary vulnerability in WebAccess/SCADA. Attackers can use the vulnerability to cause a denial of service.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202010-1635", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.1", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-56012", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2020-56012", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-56012", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-56012", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess SCADA is a HMI/SCADA monitoring software based entirely on IE browser.\n\r\n\r\nAdvantech (China) Co., Ltd. has a binary vulnerability in WebAccess/SCADA. Attackers can use the vulnerability to cause a denial of service.", sources: [ { db: "CNVD", id: "CNVD-2020-56012", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-56012", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-56012", }, ], }, id: "VAR-202010-1635", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-56012", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-56012", }, ], }, last_update_date: "2022-05-04T09:08:52.689000Z", sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-56012", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-15T00:00:00", db: "CNVD", id: "CNVD-2020-56012", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-13T00:00:00", db: "CNVD", id: "CNVD-2020-56012", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Binary Vulnerability in WebAccess/SCADA of Advantech (China) Co., Ltd.", sources: [ { db: "CNVD", id: "CNVD-2020-56012", }, ], trust: 0.6, }, }
var-202005-0334
Vulnerability from variot
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple stack-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. Advantech WebAccess Node Is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x00005241 in DATACORE.exe. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required. The vulnerability is due to the fact that the program does not correctly verify the length of the data submitted by the user
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess/scada", scope: null, trust: 6.3, vendor: "advantech", version: null, }, { _id: null, model: "webaccess", scope: "eq", trust: 1.9, vendor: "advantech", version: "9.0.0", }, { _id: null, model: "webaccess", scope: "lte", trust: 1, vendor: "advantech", version: "8.4.4", }, { _id: null, model: "webaccess", scope: "eq", trust: 0.9, vendor: "advantech", version: "8.4.4", }, { _id: null, model: "webaccess node", scope: "gte", trust: 0.6, vendor: "advantech", version: "8.4.4", }, { _id: null, model: "webaccess node", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, { _id: null, model: null, scope: "eq", trust: 0.4, vendor: "webaccess", version: "*", }, { _id: null, model: null, scope: "eq", trust: 0.4, vendor: "webaccess", version: "9.0.0", }, ], sources: [ { db: "IVD", id: "fafb27eb-2f95-48b4-b412-633e1702e89e", }, { db: "IVD", id: "d30ffcd7-838b-4bfa-b622-12761ec4a16f", }, { db: "ZDI", id: "ZDI-20-625", }, { db: "ZDI", id: "ZDI-20-591", }, { db: "ZDI", id: "ZDI-20-634", }, { db: "ZDI", id: "ZDI-20-624", }, { db: "ZDI", id: "ZDI-20-590", }, { db: "ZDI", id: "ZDI-20-592", }, { db: "ZDI", id: "ZDI-20-622", }, { db: "ZDI", id: "ZDI-20-619", }, { db: "ZDI", id: "ZDI-20-633", }, { db: "CNVD", id: "CNVD-2020-29740", }, { db: "VULMON", id: "CVE-2020-12002", }, { db: "JVNDB", id: "JVNDB-2020-005161", }, { db: "NVD", id: "CVE-2020-12002", }, ], }, configurations: { _id: null, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-005161", }, ], }, credits: { _id: null, data: "Z0mb1E", sources: [ { db: "ZDI", id: "ZDI-20-625", }, { db: "ZDI", id: "ZDI-20-591", }, { db: "ZDI", id: "ZDI-20-634", }, { db: "ZDI", id: "ZDI-20-624", }, { db: "ZDI", id: "ZDI-20-590", }, { db: "ZDI", id: "ZDI-20-592", }, { db: "ZDI", id: "ZDI-20-622", }, { db: "ZDI", id: "ZDI-20-619", }, { db: "ZDI", id: "ZDI-20-633", }, ], trust: 6.3, }, cve: "CVE-2020-12002", cvss: { _id: null, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2020-12002", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "JVNDB-2020-005161", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2020-29740", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "fafb27eb-2f95-48b4-b412-633e1702e89e", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "d30ffcd7-838b-4bfa-b622-12761ec4a16f", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-164637", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2020-12002", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 4.9, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "HIGH", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.2, id: "CVE-2020-12002", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.4, userInteraction: "NONE", vectorString: "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2020-12002", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-005161", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "ZDI", id: "CVE-2020-12002", trust: 4.9, value: "CRITICAL", }, { author: "ZDI", id: "CVE-2020-12002", trust: 1.4, value: "HIGH", }, { author: "nvd@nist.gov", id: "CVE-2020-12002", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "JVNDB-2020-005161", trust: 0.8, value: "Critical", }, { author: "CNVD", id: "CNVD-2020-29740", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202005-298", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "fafb27eb-2f95-48b4-b412-633e1702e89e", trust: 0.2, value: "HIGH", }, { author: "IVD", id: "d30ffcd7-838b-4bfa-b622-12761ec4a16f", trust: 0.2, value: "HIGH", }, { author: "VULHUB", id: "VHN-164637", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2020-12002", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "fafb27eb-2f95-48b4-b412-633e1702e89e", }, { db: "IVD", id: "d30ffcd7-838b-4bfa-b622-12761ec4a16f", }, { db: "ZDI", id: "ZDI-20-625", }, { db: "ZDI", id: "ZDI-20-591", }, { db: "ZDI", id: "ZDI-20-634", }, { db: "ZDI", id: "ZDI-20-624", }, { db: "ZDI", id: "ZDI-20-590", }, { db: "ZDI", id: "ZDI-20-592", }, { db: "ZDI", id: "ZDI-20-622", }, { db: "ZDI", id: "ZDI-20-619", }, { db: "ZDI", id: "ZDI-20-633", }, { db: "CNVD", id: "CNVD-2020-29740", }, { db: "VULHUB", id: "VHN-164637", }, { db: "VULMON", id: "CVE-2020-12002", }, { db: "JVNDB", id: "JVNDB-2020-005161", }, { db: "CNNVD", id: "CNNVD-202005-298", }, { db: "NVD", id: "CVE-2020-12002", }, ], }, description: { _id: null, data: "Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple stack-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. Advantech WebAccess Node Is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x00005241 in DATACORE.exe. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required. The vulnerability is due to the fact that the program does not correctly verify the length of the data submitted by the user", sources: [ { db: "NVD", id: "CVE-2020-12002", }, { db: "JVNDB", id: "JVNDB-2020-005161", }, { db: "ZDI", id: "ZDI-20-625", }, { db: "ZDI", id: "ZDI-20-591", }, { db: "ZDI", id: "ZDI-20-634", }, { db: "ZDI", id: "ZDI-20-624", }, { db: "ZDI", id: "ZDI-20-590", }, { db: "ZDI", id: "ZDI-20-592", }, { db: "ZDI", id: "ZDI-20-622", }, { db: "ZDI", id: "ZDI-20-619", }, { db: "ZDI", id: "ZDI-20-633", }, { db: "CNVD", id: "CNVD-2020-29740", }, { db: "IVD", id: "fafb27eb-2f95-48b4-b412-633e1702e89e", }, { db: "IVD", id: "d30ffcd7-838b-4bfa-b622-12761ec4a16f", }, { db: "VULHUB", id: "VHN-164637", }, { db: "VULMON", id: "CVE-2020-12002", }, ], trust: 8.37, }, external_ids: { _id: null, data: [ { db: "NVD", id: "CVE-2020-12002", trust: 9.9, }, { db: "ICS CERT", id: "ICSA-20-128-01", trust: 3.2, }, { db: "ZDI", id: "ZDI-20-625", trust: 2.5, }, { db: "ZDI", id: "ZDI-20-591", trust: 2.5, }, { db: "ZDI", id: "ZDI-20-634", trust: 2.5, }, { db: "ZDI", id: "ZDI-20-624", trust: 2.5, }, { db: "ZDI", id: "ZDI-20-590", trust: 2.5, }, { db: "ZDI", id: "ZDI-20-592", trust: 2.5, }, { db: "ZDI", id: "ZDI-20-622", trust: 2.5, }, { db: "ZDI", id: "ZDI-20-619", trust: 2.5, }, { db: "ZDI", id: "ZDI-20-633", trust: 2.5, }, { db: "CNVD", id: "CNVD-2020-29740", trust: 1.1, }, { db: "CNNVD", id: "CNNVD-202005-298", trust: 1.1, }, { db: "JVN", id: "JVNVU93292753", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2020-005161", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-10339", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9996", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-10080", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-10338", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9987", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9906", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-10086", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-10025", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-10079", trust: 0.7, }, { db: "NSFOCUS", id: "47354", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.1646", trust: 0.6, }, { db: "IVD", id: "FAFB27EB-2F95-48B4-B412-633E1702E89E", trust: 0.2, }, { db: "IVD", id: "D30FFCD7-838B-4BFA-B622-12761EC4A16F", trust: 0.2, }, { db: "VULHUB", id: "VHN-164637", trust: 0.1, }, { db: "VULMON", id: "CVE-2020-12002", trust: 0.1, }, ], sources: [ { db: "IVD", id: "fafb27eb-2f95-48b4-b412-633e1702e89e", }, { db: "IVD", id: "d30ffcd7-838b-4bfa-b622-12761ec4a16f", }, { db: "ZDI", id: "ZDI-20-625", }, { db: "ZDI", id: "ZDI-20-591", }, { db: "ZDI", id: "ZDI-20-634", }, { db: "ZDI", id: "ZDI-20-624", }, { db: "ZDI", id: "ZDI-20-590", }, { db: "ZDI", id: "ZDI-20-592", }, { db: "ZDI", id: "ZDI-20-622", }, { db: "ZDI", id: "ZDI-20-619", }, { db: "ZDI", id: "ZDI-20-633", }, { db: "CNVD", id: "CNVD-2020-29740", }, { db: "VULHUB", id: "VHN-164637", }, { db: "VULMON", id: "CVE-2020-12002", }, { db: "JVNDB", id: "JVNDB-2020-005161", }, { db: "CNNVD", id: "CNNVD-202005-298", }, { db: "NVD", id: "CVE-2020-12002", }, ], }, id: "VAR-202005-0334", iot: { _id: null, data: true, sources: [ { db: "IVD", id: "fafb27eb-2f95-48b4-b412-633e1702e89e", }, { db: "IVD", id: "d30ffcd7-838b-4bfa-b622-12761ec4a16f", }, { db: "CNVD", id: "CNVD-2020-29740", }, { db: "VULHUB", id: "VHN-164637", }, ], trust: 1.679503486666667, }, iot_taxonomy: { _id: null, data: [ { category: [ "ICS", ], sub_category: null, trust: 1, }, ], sources: [ { db: "IVD", id: "fafb27eb-2f95-48b4-b412-633e1702e89e", }, { db: "IVD", id: "d30ffcd7-838b-4bfa-b622-12761ec4a16f", }, { db: "CNVD", id: "CNVD-2020-29740", }, ], }, last_update_date: "2024-11-23T21:59:18.713000Z", patch: { _id: null, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 6.3, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, { title: "Top Page", trust: 0.8, url: "https://www.advantech.com/", }, { title: "Patch for Advantech WebAccess Node buffer overflow vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/218847", }, { title: "Advantech WebAccess Node Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=118650", }, ], sources: [ { db: "ZDI", id: "ZDI-20-625", }, { db: "ZDI", id: "ZDI-20-591", }, { db: "ZDI", id: "ZDI-20-634", }, { db: "ZDI", id: "ZDI-20-624", }, { db: "ZDI", id: "ZDI-20-590", }, { db: "ZDI", id: "ZDI-20-592", }, { db: "ZDI", id: "ZDI-20-622", }, { db: "ZDI", id: "ZDI-20-619", }, { db: "ZDI", id: "ZDI-20-633", }, { db: "CNVD", id: "CNVD-2020-29740", }, { db: "JVNDB", id: "JVNDB-2020-005161", }, { db: "CNNVD", id: "CNNVD-202005-298", }, ], }, problemtype_data: { _id: null, data: [ { problemtype: "CWE-787", trust: 1.9, }, { problemtype: "CWE-121", trust: 1, }, ], sources: [ { db: "VULHUB", id: "VHN-164637", }, { db: "JVNDB", id: "JVNDB-2020-005161", }, { db: "NVD", id: "CVE-2020-12002", }, ], }, references: { _id: null, data: [ { trust: 6.3, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, { trust: 3.8, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-01", }, { trust: 2.4, url: "https://www.zerodayinitiative.com/advisories/zdi-20-634/", }, { trust: 1.8, url: "https://www.zerodayinitiative.com/advisories/zdi-20-590/", }, { trust: 1.8, url: "https://www.zerodayinitiative.com/advisories/zdi-20-591/", }, { trust: 1.8, url: "https://www.zerodayinitiative.com/advisories/zdi-20-592/", }, { trust: 1.8, url: "https://www.zerodayinitiative.com/advisories/zdi-20-619/", }, { trust: 1.8, url: "https://www.zerodayinitiative.com/advisories/zdi-20-622/", }, { trust: 1.8, url: "https://www.zerodayinitiative.com/advisories/zdi-20-624/", }, { trust: 1.8, url: "https://www.zerodayinitiative.com/advisories/zdi-20-625/", }, { trust: 1.8, url: "https://www.zerodayinitiative.com/advisories/zdi-20-633/", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-12002", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12002", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu93292753/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.1646/", }, { trust: 0.6, url: "http://www.nsfocus.net/vulndb/47354", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/787.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/181597", }, ], sources: [ { db: "ZDI", id: "ZDI-20-625", }, { db: "ZDI", id: "ZDI-20-591", }, { db: "ZDI", id: "ZDI-20-634", }, { db: "ZDI", id: "ZDI-20-624", }, { db: "ZDI", id: "ZDI-20-590", }, { db: "ZDI", id: "ZDI-20-592", }, { db: "ZDI", id: "ZDI-20-622", }, { db: "ZDI", id: "ZDI-20-619", }, { db: "ZDI", id: "ZDI-20-633", }, { db: "CNVD", id: "CNVD-2020-29740", }, { db: "VULHUB", id: "VHN-164637", }, { db: "VULMON", id: "CVE-2020-12002", }, { db: "JVNDB", id: "JVNDB-2020-005161", }, { db: "CNNVD", id: "CNNVD-202005-298", }, { db: "NVD", id: "CVE-2020-12002", }, ], }, sources: { _id: null, data: [ { db: "IVD", id: "fafb27eb-2f95-48b4-b412-633e1702e89e", ident: null, }, { db: "IVD", id: "d30ffcd7-838b-4bfa-b622-12761ec4a16f", ident: null, }, { db: "ZDI", id: "ZDI-20-625", ident: null, }, { db: "ZDI", id: "ZDI-20-591", ident: null, }, { db: "ZDI", id: "ZDI-20-634", ident: null, }, { db: "ZDI", id: "ZDI-20-624", ident: null, }, { db: "ZDI", id: "ZDI-20-590", ident: null, }, { db: "ZDI", id: "ZDI-20-592", ident: null, }, { db: "ZDI", id: "ZDI-20-622", ident: null, }, { db: "ZDI", id: "ZDI-20-619", ident: null, }, { db: "ZDI", id: "ZDI-20-633", ident: null, }, { db: "CNVD", id: "CNVD-2020-29740", ident: null, }, { db: "VULHUB", id: "VHN-164637", ident: null, }, { db: "VULMON", id: "CVE-2020-12002", ident: null, }, { db: "JVNDB", id: "JVNDB-2020-005161", ident: null, }, { db: "CNNVD", id: "CNNVD-202005-298", ident: null, }, { db: "NVD", id: "CVE-2020-12002", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2020-05-07T00:00:00", db: "IVD", id: "fafb27eb-2f95-48b4-b412-633e1702e89e", ident: null, }, { date: "2020-05-07T00:00:00", db: "IVD", id: "d30ffcd7-838b-4bfa-b622-12761ec4a16f", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-625", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-591", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-634", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-624", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-590", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-592", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-622", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-619", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-633", ident: null, }, { date: "2020-05-25T00:00:00", db: "CNVD", id: "CNVD-2020-29740", ident: null, }, { date: "2020-05-08T00:00:00", db: "VULHUB", id: "VHN-164637", ident: null, }, { date: "2020-05-08T00:00:00", db: "VULMON", id: "CVE-2020-12002", ident: null, }, { date: "2020-06-08T00:00:00", db: "JVNDB", id: "JVNDB-2020-005161", ident: null, }, { date: "2020-05-07T00:00:00", db: "CNNVD", id: "CNNVD-202005-298", ident: null, }, { date: "2020-05-08T12:15:11.113000", db: "NVD", id: "CVE-2020-12002", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-625", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-591", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-634", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-624", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-590", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-592", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-622", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-619", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-633", ident: null, }, { date: "2020-05-25T00:00:00", db: "CNVD", id: "CNVD-2020-29740", ident: null, }, { date: "2021-09-23T00:00:00", db: "VULHUB", id: "VHN-164637", ident: null, }, { date: "2020-05-12T00:00:00", db: "VULMON", id: "CVE-2020-12002", ident: null, }, { date: "2020-06-08T00:00:00", db: "JVNDB", id: "JVNDB-2020-005161", ident: null, }, { date: "2021-01-04T00:00:00", db: "CNNVD", id: "CNNVD-202005-298", ident: null, }, { date: "2024-11-21T04:59:05.610000", db: "NVD", id: "CVE-2020-12002", ident: null, }, ], }, threat_type: { _id: null, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202005-298", }, ], trust: 0.6, }, title: { _id: null, data: "Advantech WebAccess/SCADA BwBacNetJ Stack-based Buffer Overflow Remote Code Execution Vulnerability", sources: [ { db: "ZDI", id: "ZDI-20-634", }, { db: "ZDI", id: "ZDI-20-633", }, ], trust: 1.4, }, type: { _id: null, data: "Buffer error", sources: [ { db: "IVD", id: "fafb27eb-2f95-48b4-b412-633e1702e89e", }, { db: "IVD", id: "d30ffcd7-838b-4bfa-b622-12761ec4a16f", }, { db: "CNNVD", id: "CNNVD-202005-298", }, ], trust: 1, }, }
var-201906-1028
Vulnerability from variot
In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. WebAccess/SCADA Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x271C IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following security vulnerabilities: 1. A directory-traversal vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. Multiple heap-based buffer-overflow vulnerabilities 4. An information disclosure vulnerability 5. Multiple remote-code execution vulnerabilities An attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences (â??../â??) to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks. Advantech WebAccess/SCADA Versions 8.3.5 and prior versions are vulnerable
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess", scope: null, trust: 4.9, vendor: "advantech", version: null, }, { _id: null, model: "webaccess", scope: "lte", trust: 1.8, vendor: "advantech", version: "8.3.5", }, { _id: null, model: "webaccess/scada", scope: "lte", trust: 0.6, vendor: "advantech", version: "<=8.3.5", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.5", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.4", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.2", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.1", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.0", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "7.2", }, { _id: null, model: "webaccess/scada", scope: "ne", trust: 0.3, vendor: "advantech", version: "8.4.1", }, { _id: null, model: null, scope: "eq", trust: 0.2, vendor: "webaccess", version: "*", }, ], sources: [ { db: "IVD", id: "917426ff-7065-403b-bd4d-431e7d3751d4", }, { db: "ZDI", id: "ZDI-19-620", }, { db: "ZDI", id: "ZDI-19-586", }, { db: "ZDI", id: "ZDI-19-588", }, { db: "ZDI", id: "ZDI-19-589", }, { db: "ZDI", id: "ZDI-19-592", }, { db: "ZDI", id: "ZDI-19-594", }, { db: "ZDI", id: "ZDI-19-619", }, { db: "CNVD", id: "CNVD-2019-32472", }, { db: "BID", id: "108923", }, { db: "JVNDB", id: "JVNDB-2019-005813", }, { db: "NVD", id: "CVE-2019-10991", }, ], }, configurations: { _id: null, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-005813", }, ], }, credits: { _id: null, data: "Mat Powell of Trend Micro Zero Day Initiative", sources: [ { db: "ZDI", id: "ZDI-19-620", }, { db: "ZDI", id: "ZDI-19-588", }, { db: "ZDI", id: "ZDI-19-589", }, { db: "ZDI", id: "ZDI-19-592", }, { db: "ZDI", id: "ZDI-19-619", }, ], trust: 3.5, }, cve: "CVE-2019-10991", cvss: { _id: null, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2019-10991", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2019-32472", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "917426ff-7065-403b-bd4d-431e7d3751d4", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-142593", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-10991", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 4.9, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-10991", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-10991", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "ZDI", id: "CVE-2019-10991", trust: 4.9, value: "CRITICAL", }, { author: "nvd@nist.gov", id: "CVE-2019-10991", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2019-10991", trust: 0.8, value: "Critical", }, { author: "CNVD", id: "CNVD-2019-32472", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201906-1075", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "917426ff-7065-403b-bd4d-431e7d3751d4", trust: 0.2, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-142593", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "917426ff-7065-403b-bd4d-431e7d3751d4", }, { db: "ZDI", id: "ZDI-19-620", }, { db: "ZDI", id: "ZDI-19-586", }, { db: "ZDI", id: "ZDI-19-588", }, { db: "ZDI", id: "ZDI-19-589", }, { db: "ZDI", id: "ZDI-19-592", }, { db: "ZDI", id: "ZDI-19-594", }, { db: "ZDI", id: "ZDI-19-619", }, { db: "CNVD", id: "CNVD-2019-32472", }, { db: "VULHUB", id: "VHN-142593", }, { db: "JVNDB", id: "JVNDB-2019-005813", }, { db: "CNNVD", id: "CNNVD-201906-1075", }, { db: "NVD", id: "CVE-2019-10991", }, ], }, description: { _id: null, data: "In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. WebAccess/SCADA Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x271C IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following security vulnerabilities:\n1. A directory-traversal vulnerability\n2. Multiple stack-based buffer-overflow vulnerabilities\n3. Multiple heap-based buffer-overflow vulnerabilities\n4. An information disclosure vulnerability\n5. Multiple remote-code execution vulnerabilities\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences (â??../â??) to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks. \nAdvantech WebAccess/SCADA Versions 8.3.5 and prior versions are vulnerable", sources: [ { db: "NVD", id: "CVE-2019-10991", }, { db: "JVNDB", id: "JVNDB-2019-005813", }, { db: "ZDI", id: "ZDI-19-620", }, { db: "ZDI", id: "ZDI-19-586", }, { db: "ZDI", id: "ZDI-19-588", }, { db: "ZDI", id: "ZDI-19-589", }, { db: "ZDI", id: "ZDI-19-592", }, { db: "ZDI", id: "ZDI-19-594", }, { db: "ZDI", id: "ZDI-19-619", }, { db: "CNVD", id: "CNVD-2019-32472", }, { db: "BID", id: "108923", }, { db: "IVD", id: "917426ff-7065-403b-bd4d-431e7d3751d4", }, { db: "VULHUB", id: "VHN-142593", }, ], trust: 7.11, }, external_ids: { _id: null, data: [ { db: "NVD", id: "CVE-2019-10991", trust: 8.5, }, { db: "ICS CERT", id: "ICSA-19-178-05", trust: 2.8, }, { db: "ZDI", id: "ZDI-19-620", trust: 2.4, }, { db: "ZDI", id: "ZDI-19-586", trust: 2.4, }, { db: "ZDI", id: "ZDI-19-588", trust: 2.4, }, { db: "ZDI", id: "ZDI-19-589", trust: 2.4, }, { db: "ZDI", id: "ZDI-19-592", trust: 2.4, }, { db: "ZDI", id: "ZDI-19-594", trust: 2.4, }, { db: "ZDI", id: "ZDI-19-619", trust: 2.4, }, { db: "CNNVD", id: "CNNVD-201906-1075", trust: 0.9, }, { db: "BID", id: "108923", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-32472", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-005813", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-8191", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-7951", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8063", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8064", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-7906", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8117", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8189", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2019.2350", trust: 0.6, }, { db: "IVD", id: "917426FF-7065-403B-BD4D-431E7D3751D4", trust: 0.2, }, { db: "VULHUB", id: "VHN-142593", trust: 0.1, }, ], sources: [ { db: "IVD", id: "917426ff-7065-403b-bd4d-431e7d3751d4", }, { db: "ZDI", id: "ZDI-19-620", }, { db: "ZDI", id: "ZDI-19-586", }, { db: "ZDI", id: "ZDI-19-588", }, { db: "ZDI", id: "ZDI-19-589", }, { db: "ZDI", id: "ZDI-19-592", }, { db: "ZDI", id: "ZDI-19-594", }, { db: "ZDI", id: "ZDI-19-619", }, { db: "CNVD", id: "CNVD-2019-32472", }, { db: "VULHUB", id: "VHN-142593", }, { db: "BID", id: "108923", }, { db: "JVNDB", id: "JVNDB-2019-005813", }, { db: "CNNVD", id: "CNNVD-201906-1075", }, { db: "NVD", id: "CVE-2019-10991", }, ], }, id: "VAR-201906-1028", iot: { _id: null, data: true, sources: [ { db: "IVD", id: "917426ff-7065-403b-bd4d-431e7d3751d4", }, { db: "CNVD", id: "CNVD-2019-32472", }, { db: "VULHUB", id: "VHN-142593", }, ], trust: 1.4466745799999998, }, iot_taxonomy: { _id: null, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "917426ff-7065-403b-bd4d-431e7d3751d4", }, { db: "CNVD", id: "CNVD-2019-32472", }, ], }, last_update_date: "2024-11-23T21:52:09.434000Z", patch: { _id: null, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 4.9, url: "https://www.us-cert.gov/ics/advisories/icsa-19-178-05", }, { title: "Advantech WebAccess", trust: 0.8, url: "https://www.advantech.co.jp/industrial-automation/webaccess", }, { title: "Patch for Advantech WebAccess/SCADA Buffer Overflow Vulnerability (CNVD-2019-32472)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/181485", }, { title: "Advantech WebAccess/SCADA Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94178", }, ], sources: [ { db: "ZDI", id: "ZDI-19-620", }, { db: "ZDI", id: "ZDI-19-586", }, { db: "ZDI", id: "ZDI-19-588", }, { db: "ZDI", id: "ZDI-19-589", }, { db: "ZDI", id: "ZDI-19-592", }, { db: "ZDI", id: "ZDI-19-594", }, { db: "ZDI", id: "ZDI-19-619", }, { db: "CNVD", id: "CNVD-2019-32472", }, { db: "JVNDB", id: "JVNDB-2019-005813", }, { db: "CNNVD", id: "CNNVD-201906-1075", }, ], }, problemtype_data: { _id: null, data: [ { problemtype: "CWE-787", trust: 1.1, }, { problemtype: "CWE-119", trust: 0.9, }, ], sources: [ { db: "VULHUB", id: "VHN-142593", }, { db: "JVNDB", id: "JVNDB-2019-005813", }, { db: "NVD", id: "CVE-2019-10991", }, ], }, references: { _id: null, data: [ { trust: 7.7, url: "https://www.us-cert.gov/ics/advisories/icsa-19-178-05", }, { trust: 2.3, url: "https://www.zerodayinitiative.com/advisories/zdi-19-620/", }, { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-10991", }, { trust: 1.7, url: "https://www.zerodayinitiative.com/advisories/zdi-19-586/", }, { trust: 1.7, url: "https://www.zerodayinitiative.com/advisories/zdi-19-588/", }, { trust: 1.7, url: "https://www.zerodayinitiative.com/advisories/zdi-19-589/", }, { trust: 1.7, url: "https://www.zerodayinitiative.com/advisories/zdi-19-592/", }, { trust: 1.7, url: "https://www.zerodayinitiative.com/advisories/zdi-19-594/", }, { trust: 1.7, url: "https://www.zerodayinitiative.com/advisories/zdi-19-619/", }, { trust: 0.9, url: "http://webaccess.advantech.com", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10991", }, { trust: 0.6, url: "https://www.securityfocus.com/bid/108923", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2350/", }, ], sources: [ { db: "ZDI", id: "ZDI-19-620", }, { db: "ZDI", id: "ZDI-19-586", }, { db: "ZDI", id: "ZDI-19-588", }, { db: "ZDI", id: "ZDI-19-589", }, { db: "ZDI", id: "ZDI-19-592", }, { db: "ZDI", id: "ZDI-19-594", }, { db: "ZDI", id: "ZDI-19-619", }, { db: "CNVD", id: "CNVD-2019-32472", }, { db: "VULHUB", id: "VHN-142593", }, { db: "BID", id: "108923", }, { db: "JVNDB", id: "JVNDB-2019-005813", }, { db: "CNNVD", id: "CNNVD-201906-1075", }, { db: "NVD", id: "CVE-2019-10991", }, ], }, sources: { _id: null, data: [ { db: "IVD", id: "917426ff-7065-403b-bd4d-431e7d3751d4", ident: null, }, { db: "ZDI", id: "ZDI-19-620", ident: null, }, { db: "ZDI", id: "ZDI-19-586", ident: null, }, { db: "ZDI", id: "ZDI-19-588", ident: null, }, { db: "ZDI", id: "ZDI-19-589", ident: null, }, { db: "ZDI", id: "ZDI-19-592", ident: null, }, { db: "ZDI", id: "ZDI-19-594", ident: null, }, { db: "ZDI", id: "ZDI-19-619", ident: null, }, { db: "CNVD", id: "CNVD-2019-32472", ident: null, }, { db: "VULHUB", id: "VHN-142593", ident: null, }, { db: "BID", id: "108923", ident: null, }, { db: "JVNDB", id: "JVNDB-2019-005813", ident: null, }, { db: "CNNVD", id: "CNNVD-201906-1075", ident: null, }, { db: "NVD", id: "CVE-2019-10991", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2019-09-21T00:00:00", db: "IVD", id: "917426ff-7065-403b-bd4d-431e7d3751d4", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-620", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-586", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-588", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-589", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-592", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-594", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-619", ident: null, }, { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32472", ident: null, }, { date: "2019-06-28T00:00:00", db: "VULHUB", id: "VHN-142593", ident: null, }, { date: "2019-06-27T00:00:00", db: "BID", id: "108923", ident: null, }, { date: "2019-07-02T00:00:00", db: "JVNDB", id: "JVNDB-2019-005813", ident: null, }, { date: "2019-06-27T00:00:00", db: "CNNVD", id: "CNNVD-201906-1075", ident: null, }, { date: "2019-06-28T21:15:11.307000", db: "NVD", id: "CVE-2019-10991", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-620", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-586", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-588", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-589", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-592", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-594", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-619", ident: null, }, { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32472", ident: null, }, { date: "2023-03-02T00:00:00", db: "VULHUB", id: "VHN-142593", ident: null, }, { date: "2019-06-27T00:00:00", db: "BID", id: "108923", ident: null, }, { date: "2019-07-02T00:00:00", db: "JVNDB", id: "JVNDB-2019-005813", ident: null, }, { date: "2020-08-25T00:00:00", db: "CNNVD", id: "CNNVD-201906-1075", ident: null, }, { date: "2024-11-21T04:20:18.510000", db: "NVD", id: "CVE-2019-10991", ident: null, }, ], }, threat_type: { _id: null, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201906-1075", }, ], trust: 0.6, }, title: { _id: null, data: "WebAccess/SCADA Buffer error vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2019-005813", }, ], trust: 0.8, }, type: { _id: null, data: "Buffer error", sources: [ { db: "IVD", id: "917426ff-7065-403b-bd4d-431e7d3751d4", }, { db: "CNNVD", id: "CNNVD-201906-1075", }, ], trust: 0.8, }, }
var-202008-1299
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has logic flaws. Attackers can use the vulnerability to access and modify the registry of the user's system, and can execute arbitrary commands on the user's system.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1299", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48620", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "CNVD-2020-48620", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-48620", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48620", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has logic flaws. Attackers can use the vulnerability to access and modify the registry of the user's system, and can execute arbitrary commands on the user's system.", sources: [ { db: "CNVD", id: "CNVD-2020-48620", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-48620", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48620", }, ], }, id: "VAR-202008-1299", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-48620", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48620", }, ], }, last_update_date: "2022-05-04T09:46:18.641000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess SCADA wshom control IWshShell_Class class RegWrite member has logic defect vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/225695", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48620", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-48620", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-28T00:00:00", db: "CNVD", id: "CNVD-2020-48620", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-27T00:00:00", db: "CNVD", id: "CNVD-2020-48620", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has logic flaw vulnerability", sources: [ { db: "CNVD", id: "CNVD-2020-48620", }, ], trust: 0.6, }, }
var-201904-0182
Vulnerability from variot
Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple command injection vulnerabilities, caused by a lack of proper validation of user-supplied data, may allow remote code execution. Advantech WebAccess/SCADA Contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Client. Authentication is not required to exploit this vulnerability.The specific flaw exists within bwrunmie.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following vulnerabilities: 1. Multiple command-injection vulnerabilities 2. A denial-of-service vulnerability 3. Multiple stack-based buffer-overflow vulnerabilities An attacker can exploit these issues to inject and execute arbitrary commands in the context of the application. Failed exploit attempts will result in denial-of-service conditions. The vulnerability comes from the fact that the network system or product does not correctly filter special elements in the process of constructing executable commands from external input data
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess", scope: null, trust: 1.4, vendor: "advantech", version: null, }, { _id: null, model: "webaccess", scope: "lte", trust: 1, vendor: "advantech", version: "8.3.5", }, { _id: null, model: "webaccess", scope: "eq", trust: 0.8, vendor: "advantech", version: "8.3.5 and less", }, { _id: null, model: "webaccess/scada", scope: "lte", trust: 0.6, vendor: "advantech", version: "<=8.3.5", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.5", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.4", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.2", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3", }, { _id: null, model: "webaccess/scada", scope: "ne", trust: 0.3, vendor: "advantech", version: "8.4", }, { _id: null, model: null, scope: "eq", trust: 0.2, vendor: "webaccess", version: "*", }, ], sources: [ { db: "IVD", id: "7965849b-ad7c-448a-abfe-d9bb6ea63ffa", }, { db: "ZDI", id: "ZDI-19-326", }, { db: "ZDI", id: "ZDI-19-324", }, { db: "CNVD", id: "CNVD-2019-08949", }, { db: "BID", id: "107675", }, { db: "JVNDB", id: "JVNDB-2019-003120", }, { db: "NVD", id: "CVE-2019-6552", }, ], }, configurations: { _id: null, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-003120", }, ], }, credits: { _id: null, data: "Mat Powell of Trend Micro Zero Day Initiative", sources: [ { db: "ZDI", id: "ZDI-19-326", }, { db: "ZDI", id: "ZDI-19-324", }, ], trust: 1.4, }, cve: "CVE-2019-6552", cvss: { _id: null, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2019-6552", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.9, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2019-08949", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "7965849b-ad7c-448a-abfe-d9bb6ea63ffa", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-157987", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-6552", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.4, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-6552", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-6552", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "ZDI", id: "CVE-2019-6552", trust: 1.4, value: "CRITICAL", }, { author: "nvd@nist.gov", id: "CVE-2019-6552", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2019-6552", trust: 0.8, value: "Critical", }, { author: "CNVD", id: "CNVD-2019-08949", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201904-091", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "7965849b-ad7c-448a-abfe-d9bb6ea63ffa", trust: 0.2, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-157987", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2019-6552", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "7965849b-ad7c-448a-abfe-d9bb6ea63ffa", }, { db: "ZDI", id: "ZDI-19-326", }, { db: "ZDI", id: "ZDI-19-324", }, { db: "CNVD", id: "CNVD-2019-08949", }, { db: "VULHUB", id: "VHN-157987", }, { db: "VULMON", id: "CVE-2019-6552", }, { db: "JVNDB", id: "JVNDB-2019-003120", }, { db: "CNNVD", id: "CNNVD-201904-091", }, { db: "NVD", id: "CVE-2019-6552", }, ], }, description: { _id: null, data: "Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple command injection vulnerabilities, caused by a lack of proper validation of user-supplied data, may allow remote code execution. Advantech WebAccess/SCADA Contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Client. Authentication is not required to exploit this vulnerability.The specific flaw exists within bwrunmie.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following vulnerabilities:\n1. Multiple command-injection vulnerabilities\n2. A denial-of-service vulnerability\n3. Multiple stack-based buffer-overflow vulnerabilities\nAn attacker can exploit these issues to inject and execute arbitrary commands in the context of the application. Failed exploit attempts will result in denial-of-service conditions. The vulnerability comes from the fact that the network system or product does not correctly filter special elements in the process of constructing executable commands from external input data", sources: [ { db: "NVD", id: "CVE-2019-6552", }, { db: "JVNDB", id: "JVNDB-2019-003120", }, { db: "ZDI", id: "ZDI-19-326", }, { db: "ZDI", id: "ZDI-19-324", }, { db: "CNVD", id: "CNVD-2019-08949", }, { db: "BID", id: "107675", }, { db: "IVD", id: "7965849b-ad7c-448a-abfe-d9bb6ea63ffa", }, { db: "VULHUB", id: "VHN-157987", }, { db: "VULMON", id: "CVE-2019-6552", }, ], trust: 4.05, }, external_ids: { _id: null, data: [ { db: "NVD", id: "CVE-2019-6552", trust: 5.1, }, { db: "ICS CERT", id: "ICSA-19-092-01", trust: 3.5, }, { db: "ZDI", id: "ZDI-19-326", trust: 1.3, }, { db: "BID", id: "107675", trust: 1, }, { db: "CNNVD", id: "CNNVD-201904-091", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-08949", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-003120", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-7928", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-7926", trust: 0.7, }, { db: "ZDI", id: "ZDI-19-324", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2019.1113", trust: 0.6, }, { db: "IVD", id: "7965849B-AD7C-448A-ABFE-D9BB6EA63FFA", trust: 0.2, }, { db: "VULHUB", id: "VHN-157987", trust: 0.1, }, { db: "VULMON", id: "CVE-2019-6552", trust: 0.1, }, ], sources: [ { db: "IVD", id: "7965849b-ad7c-448a-abfe-d9bb6ea63ffa", }, { db: "ZDI", id: "ZDI-19-326", }, { db: "ZDI", id: "ZDI-19-324", }, { db: "CNVD", id: "CNVD-2019-08949", }, { db: "VULHUB", id: "VHN-157987", }, { db: "VULMON", id: "CVE-2019-6552", }, { db: "BID", id: "107675", }, { db: "JVNDB", id: "JVNDB-2019-003120", }, { db: "CNNVD", id: "CNNVD-201904-091", }, { db: "NVD", id: "CVE-2019-6552", }, ], }, id: "VAR-201904-0182", iot: { _id: null, data: true, sources: [ { db: "IVD", id: "7965849b-ad7c-448a-abfe-d9bb6ea63ffa", }, { db: "CNVD", id: "CNVD-2019-08949", }, { db: "VULHUB", id: "VHN-157987", }, ], trust: 1.4466745799999998, }, iot_taxonomy: { _id: null, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "7965849b-ad7c-448a-abfe-d9bb6ea63ffa", }, { db: "CNVD", id: "CNVD-2019-08949", }, ], }, last_update_date: "2024-11-23T22:17:06.420000Z", patch: { _id: null, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 1.4, url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01", }, { title: "Advantech WebAccess", trust: 0.8, url: "https://www.advantech.co.jp/industrial-automation/webaccess", }, { title: "Patch for Advantech WebAccess/SCADA Command Injection Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/157943", }, { title: "Advantech WebAccess and Advantech WebAccess/SCADA Fixes for command injection vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91015", }, ], sources: [ { db: "ZDI", id: "ZDI-19-326", }, { db: "ZDI", id: "ZDI-19-324", }, { db: "CNVD", id: "CNVD-2019-08949", }, { db: "JVNDB", id: "JVNDB-2019-003120", }, { db: "CNNVD", id: "CNNVD-201904-091", }, ], }, problemtype_data: { _id: null, data: [ { problemtype: "CWE-77", trust: 1.9, }, { problemtype: "CWE-78", trust: 1.1, }, ], sources: [ { db: "VULHUB", id: "VHN-157987", }, { db: "JVNDB", id: "JVNDB-2019-003120", }, { db: "NVD", id: "CVE-2019-6552", }, ], }, references: { _id: null, data: [ { trust: 5, url: "https://ics-cert.us-cert.gov/advisories/icsa-19-092-01", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-6552", }, { trust: 1.3, url: "http://www.securityfocus.com/bid/107675", }, { trust: 0.9, url: "https://www.advantech.com/", }, { trust: 0.9, url: "https://support.advantech.com/support/downloadsrdetail_new.aspx?sr_id=1-ms9mjv&doc_source=download", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6552", }, { trust: 0.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-326/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/78318", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/78.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "ZDI", id: "ZDI-19-326", }, { db: "ZDI", id: "ZDI-19-324", }, { db: "CNVD", id: "CNVD-2019-08949", }, { db: "VULHUB", id: "VHN-157987", }, { db: "VULMON", id: "CVE-2019-6552", }, { db: "BID", id: "107675", }, { db: "JVNDB", id: "JVNDB-2019-003120", }, { db: "CNNVD", id: "CNNVD-201904-091", }, { db: "NVD", id: "CVE-2019-6552", }, ], }, sources: { _id: null, data: [ { db: "IVD", id: "7965849b-ad7c-448a-abfe-d9bb6ea63ffa", ident: null, }, { db: "ZDI", id: "ZDI-19-326", ident: null, }, { db: "ZDI", id: "ZDI-19-324", ident: null, }, { db: "CNVD", id: "CNVD-2019-08949", ident: null, }, { db: "VULHUB", id: "VHN-157987", ident: null, }, { db: "VULMON", id: "CVE-2019-6552", ident: null, }, { db: "BID", id: "107675", ident: null, }, { db: "JVNDB", id: "JVNDB-2019-003120", ident: null, }, { db: "CNNVD", id: "CNNVD-201904-091", ident: null, }, { db: "NVD", id: "CVE-2019-6552", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2019-04-03T00:00:00", db: "IVD", id: "7965849b-ad7c-448a-abfe-d9bb6ea63ffa", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-326", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-324", ident: null, }, { date: "2019-04-03T00:00:00", db: "CNVD", id: "CNVD-2019-08949", ident: null, }, { date: "2019-04-05T00:00:00", db: "VULHUB", id: "VHN-157987", ident: null, }, { date: "2019-04-05T00:00:00", db: "VULMON", id: "CVE-2019-6552", ident: null, }, { date: "2019-04-02T00:00:00", db: "BID", id: "107675", ident: null, }, { date: "2019-05-10T00:00:00", db: "JVNDB", id: "JVNDB-2019-003120", ident: null, }, { date: "2019-04-02T00:00:00", db: "CNNVD", id: "CNNVD-201904-091", ident: null, }, { date: "2019-04-05T19:29:00.357000", db: "NVD", id: "CVE-2019-6552", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-326", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-324", ident: null, }, { date: "2019-04-03T00:00:00", db: "CNVD", id: "CNVD-2019-08949", ident: null, }, { date: "2020-10-06T00:00:00", db: "VULHUB", id: "VHN-157987", ident: null, }, { date: "2020-10-06T00:00:00", db: "VULMON", id: "CVE-2019-6552", ident: null, }, { date: "2019-04-02T00:00:00", db: "BID", id: "107675", ident: null, }, { date: "2019-05-10T00:00:00", db: "JVNDB", id: "JVNDB-2019-003120", ident: null, }, { date: "2020-10-28T00:00:00", db: "CNNVD", id: "CNNVD-201904-091", ident: null, }, { date: "2024-11-21T04:46:40.877000", db: "NVD", id: "CVE-2019-6552", ident: null, }, ], }, threat_type: { _id: null, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201904-091", }, ], trust: 0.6, }, title: { _id: null, data: "Advantech WebAccess/SCADA Command injection vulnerability", sources: [ { db: "IVD", id: "7965849b-ad7c-448a-abfe-d9bb6ea63ffa", }, { db: "CNVD", id: "CNVD-2019-08949", }, { db: "JVNDB", id: "JVNDB-2019-003120", }, ], trust: 1.6, }, type: { _id: null, data: "operating system commend injection", sources: [ { db: "CNNVD", id: "CNNVD-201904-091", }, ], trust: 0.6, }, }
var-202011-1549
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has a command execution vulnerability. Attackers can use the vulnerability to execute console commands.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202011-1549", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58468", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2020-58468", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-58468", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58468", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has a command execution vulnerability. Attackers can use the vulnerability to execute console commands.", sources: [ { db: "CNVD", id: "CNVD-2020-58468", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-58468", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58468", }, ], }, id: "VAR-202011-1549", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-58468", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58468", }, ], }, last_update_date: "2022-05-04T10:18:10.607000Z", sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-58468", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-11-28T00:00:00", db: "CNVD", id: "CNVD-2020-58468", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-25T00:00:00", db: "CNVD", id: "CNVD-2020-58468", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has command execution vulnerability (CNVD-2020-58468)", sources: [ { db: "CNVD", id: "CNVD-2020-58468", }, ], trust: 0.6, }, }
var-202008-1295
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has an information disclosure vulnerability. Attackers can use vulnerabilities to obtain remote connection passwords, background administrator passwords and other sensitive information.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1295", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48622", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, id: "CNVD-2020-48622", impactScore: 2.9, integrityImpact: "NONE", severity: "LOW", trust: 0.6, vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-48622", trust: 0.6, value: "LOW", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48622", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has an information disclosure vulnerability. Attackers can use vulnerabilities to obtain remote connection passwords, background administrator passwords and other sensitive information.", sources: [ { db: "CNVD", id: "CNVD-2020-48622", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-48622", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48622", }, ], }, id: "VAR-202008-1295", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-48622", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48622", }, ], }, last_update_date: "2022-05-04T09:28:01.837000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess SCADA wshom control FileSystemObject class MoveFile member has an information disclosure vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/225691", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48622", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-48622", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-28T00:00:00", db: "CNVD", id: "CNVD-2020-48622", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-27T00:00:00", db: "CNVD", id: "CNVD-2020-48622", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has an information disclosure vulnerability (CNVD-2020-48622)", sources: [ { db: "CNVD", id: "CNVD-2020-48622", }, ], trust: 0.6, }, }
var-202011-1537
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202011-1537", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58469", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2020-58469", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-58469", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58469", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has an arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.", sources: [ { db: "CNVD", id: "CNVD-2020-58469", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-58469", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58469", }, ], }, id: "VAR-202011-1537", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-58469", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58469", }, ], }, last_update_date: "2022-05-04T08:52:25.603000Z", sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-58469", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-11-28T00:00:00", db: "CNVD", id: "CNVD-2020-58469", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-25T00:00:00", db: "CNVD", id: "CNVD-2020-58469", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability (CNVD-2020-58469)", sources: [ { db: "CNVD", id: "CNVD-2020-58469", }, ], trust: 0.6, }, }
var-201906-1026
Vulnerability from variot
In WebAccess/SCADA Versions 8.3.5 and prior, multiple out-of-bounds write vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. WebAccess/SCADA Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability.The specific flaw exists within bwdraw.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following security vulnerabilities: 1. A directory-traversal vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. Multiple heap-based buffer-overflow vulnerabilities 4. An information disclosure vulnerability 5. Multiple remote-code execution vulnerabilities An attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences (â??../â??) to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks. Advantech WebAccess/SCADA Versions 8.3.5 and prior versions are vulnerable. The vulnerability stems from the fact that the program does not correctly verify the length of the data provided by the user
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201906-1026", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess", scope: "lte", trust: 1.8, vendor: "advantech", version: "8.3.5", }, { model: "webaccess", scope: null, trust: 1.4, vendor: "advantech", version: null, }, { model: "webaccess/scada", scope: "lte", trust: 0.6, vendor: "advantech", version: "<=8.3.5", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.5", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.4", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.2", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.1", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.0", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "7.2", }, { model: "webaccess/scada", scope: "ne", trust: 0.3, vendor: "advantech", version: "8.4.1", }, { model: null, scope: "eq", trust: 0.2, vendor: "webaccess", version: "*", }, ], sources: [ { db: "IVD", id: "2aed5df4-3281-48d2-b87e-b8691b4a4884", }, { db: "ZDI", id: "ZDI-19-584", }, { db: "ZDI", id: "ZDI-19-587", }, { db: "CNVD", id: "CNVD-2019-32471", }, { db: "BID", id: "108923", }, { db: "JVNDB", id: "JVNDB-2019-005815", }, { db: "NVD", id: "CVE-2019-10987", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-005815", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Mat Powell of Trend Micro Zero Day Initiative", sources: [ { db: "ZDI", id: "ZDI-19-584", }, ], trust: 0.7, }, cve: "CVE-2019-10987", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "CVE-2019-10987", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "CNVD-2019-32471", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "2aed5df4-3281-48d2-b87e-b8691b4a4884", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "VHN-142588", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, id: "CVE-2019-10987", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 8.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-10987", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, id: "CVE-2019-10987", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 0.7, userInteraction: "REQUIRED", vectorString: "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-10987", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 0.7, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-10987", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2019-10987", trust: 0.8, value: "High", }, { author: "ZDI", id: "CVE-2019-10987", trust: 0.7, value: "HIGH", }, { author: "ZDI", id: "CVE-2019-10987", trust: 0.7, value: "CRITICAL", }, { author: "CNVD", id: "CNVD-2019-32471", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201906-1076", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "2aed5df4-3281-48d2-b87e-b8691b4a4884", trust: 0.2, value: "HIGH", }, { author: "VULHUB", id: "VHN-142588", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "2aed5df4-3281-48d2-b87e-b8691b4a4884", }, { db: "ZDI", id: "ZDI-19-584", }, { db: "ZDI", id: "ZDI-19-587", }, { db: "CNVD", id: "CNVD-2019-32471", }, { db: "VULHUB", id: "VHN-142588", }, { db: "JVNDB", id: "JVNDB-2019-005815", }, { db: "CNNVD", id: "CNNVD-201906-1076", }, { db: "NVD", id: "CVE-2019-10987", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In WebAccess/SCADA Versions 8.3.5 and prior, multiple out-of-bounds write vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. WebAccess/SCADA Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability.The specific flaw exists within bwdraw.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following security vulnerabilities:\n1. A directory-traversal vulnerability\n2. Multiple stack-based buffer-overflow vulnerabilities\n3. Multiple heap-based buffer-overflow vulnerabilities\n4. An information disclosure vulnerability\n5. Multiple remote-code execution vulnerabilities\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences (â??../â??) to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks. \nAdvantech WebAccess/SCADA Versions 8.3.5 and prior versions are vulnerable. The vulnerability stems from the fact that the program does not correctly verify the length of the data provided by the user", sources: [ { db: "NVD", id: "CVE-2019-10987", }, { db: "JVNDB", id: "JVNDB-2019-005815", }, { db: "ZDI", id: "ZDI-19-584", }, { db: "ZDI", id: "ZDI-19-587", }, { db: "CNVD", id: "CNVD-2019-32471", }, { db: "BID", id: "108923", }, { db: "IVD", id: "2aed5df4-3281-48d2-b87e-b8691b4a4884", }, { db: "VULHUB", id: "VHN-142588", }, ], trust: 3.96, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-10987", trust: 5, }, { db: "ICS CERT", id: "ICSA-19-178-05", trust: 2.8, }, { db: "ZDI", id: "ZDI-19-584", trust: 2.4, }, { db: "ZDI", id: "ZDI-19-587", trust: 2.4, }, { db: "BID", id: "108923", trust: 1.5, }, { db: "CNNVD", id: "CNNVD-201906-1076", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-32471", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-005815", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-7438", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-7952", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2019.2350", trust: 0.6, }, { db: "IVD", id: "2AED5DF4-3281-48D2-B87E-B8691B4A4884", trust: 0.2, }, { db: "VULHUB", id: "VHN-142588", trust: 0.1, }, ], sources: [ { db: "IVD", id: "2aed5df4-3281-48d2-b87e-b8691b4a4884", }, { db: "ZDI", id: "ZDI-19-584", }, { db: "ZDI", id: "ZDI-19-587", }, { db: "CNVD", id: "CNVD-2019-32471", }, { db: "VULHUB", id: "VHN-142588", }, { db: "BID", id: "108923", }, { db: "JVNDB", id: "JVNDB-2019-005815", }, { db: "CNNVD", id: "CNNVD-201906-1076", }, { db: "NVD", id: "CVE-2019-10987", }, ], }, id: "VAR-201906-1026", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "2aed5df4-3281-48d2-b87e-b8691b4a4884", }, { db: "CNVD", id: "CNVD-2019-32471", }, { db: "VULHUB", id: "VHN-142588", }, ], trust: 1.4466745799999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "2aed5df4-3281-48d2-b87e-b8691b4a4884", }, { db: "CNVD", id: "CNVD-2019-32471", }, ], }, last_update_date: "2024-11-23T21:52:09.553000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-178-05", }, { title: "Advantech WebAccess", trust: 0.8, url: "https://www.advantech.co.jp/industrial-automation/webaccess", }, { title: "Advantech WebAccess/SCADA patch for out-of-bounds write vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/181491", }, { title: "Advantech WebAccess/SCADA Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94179", }, ], sources: [ { db: "ZDI", id: "ZDI-19-584", }, { db: "ZDI", id: "ZDI-19-587", }, { db: "CNVD", id: "CNVD-2019-32471", }, { db: "JVNDB", id: "JVNDB-2019-005815", }, { db: "CNNVD", id: "CNNVD-201906-1076", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-142588", }, { db: "JVNDB", id: "JVNDB-2019-005815", }, { db: "NVD", id: "CVE-2019-10987", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 4.2, url: "https://www.us-cert.gov/ics/advisories/icsa-19-178-05", }, { trust: 2.3, url: "https://www.zerodayinitiative.com/advisories/zdi-19-587/", }, { trust: 1.7, url: "https://www.zerodayinitiative.com/advisories/zdi-19-584/", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-10987", }, { trust: 1.2, url: "http://www.securityfocus.com/bid/108923", }, { trust: 0.9, url: "http://webaccess.advantech.com", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10987", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2350/", }, ], sources: [ { db: "ZDI", id: "ZDI-19-584", }, { db: "ZDI", id: "ZDI-19-587", }, { db: "CNVD", id: "CNVD-2019-32471", }, { db: "VULHUB", id: "VHN-142588", }, { db: "BID", id: "108923", }, { db: "JVNDB", id: "JVNDB-2019-005815", }, { db: "CNNVD", id: "CNNVD-201906-1076", }, { db: "NVD", id: "CVE-2019-10987", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "2aed5df4-3281-48d2-b87e-b8691b4a4884", }, { db: "ZDI", id: "ZDI-19-584", }, { db: "ZDI", id: "ZDI-19-587", }, { db: "CNVD", id: "CNVD-2019-32471", }, { db: "VULHUB", id: "VHN-142588", }, { db: "BID", id: "108923", }, { db: "JVNDB", id: "JVNDB-2019-005815", }, { db: "CNNVD", id: "CNNVD-201906-1076", }, { db: "NVD", id: "CVE-2019-10987", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-09-21T00:00:00", db: "IVD", id: "2aed5df4-3281-48d2-b87e-b8691b4a4884", }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-584", }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-587", }, { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32471", }, { date: "2019-06-28T00:00:00", db: "VULHUB", id: "VHN-142588", }, { date: "2019-06-27T00:00:00", db: "BID", id: "108923", }, { date: "2019-07-02T00:00:00", db: "JVNDB", id: "JVNDB-2019-005815", }, { date: "2019-06-27T00:00:00", db: "CNNVD", id: "CNNVD-201906-1076", }, { date: "2019-06-28T21:15:11.180000", db: "NVD", id: "CVE-2019-10987", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-584", }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-587", }, { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32471", }, { date: "2023-03-02T00:00:00", db: "VULHUB", id: "VHN-142588", }, { date: "2019-06-27T00:00:00", db: "BID", id: "108923", }, { date: "2019-07-02T00:00:00", db: "JVNDB", id: "JVNDB-2019-005815", }, { date: "2019-07-03T00:00:00", db: "CNNVD", id: "CNNVD-201906-1076", }, { date: "2024-11-21T04:20:18.040000", db: "NVD", id: "CVE-2019-10987", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201906-1076", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "WebAccess/SCADA Vulnerable to out-of-bounds writing", sources: [ { db: "JVNDB", id: "JVNDB-2019-005815", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Buffer error", sources: [ { db: "IVD", id: "2aed5df4-3281-48d2-b87e-b8691b4a4884", }, { db: "CNNVD", id: "CNNVD-201906-1076", }, ], trust: 0.8, }, }
var-202005-1250
Vulnerability from variot
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of IOCTL 0x520B in datacore.exe. The issue results from the lack of proper validation of user-supplied data, which can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess/scada", scope: null, trust: 0.7, vendor: "advantech", version: null, }, ], sources: [ { db: "ZDI", id: "ZDI-20-610", }, ], }, credits: { _id: null, data: "Z0mb1E", sources: [ { db: "ZDI", id: "ZDI-20-610", }, ], trust: 0.7, }, cvss: { _id: null, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "ZDI-20-610", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 0.7, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "ZDI", id: "ZDI-20-610", trust: 0.7, value: "CRITICAL", }, ], }, ], sources: [ { db: "ZDI", id: "ZDI-20-610", }, ], }, description: { _id: null, data: "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of IOCTL 0x520B in datacore.exe. The issue results from the lack of proper validation of user-supplied data, which can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.", sources: [ { db: "ZDI", id: "ZDI-20-610", }, ], trust: 0.7, }, external_ids: { _id: null, data: [ { db: "ZDI_CAN", id: "ZDI-CAN-9941", trust: 0.7, }, { db: "ZDI", id: "ZDI-20-610", trust: 0.7, }, ], sources: [ { db: "ZDI", id: "ZDI-20-610", }, ], }, id: "VAR-202005-1250", iot: { _id: null, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.6405517, }, last_update_date: "2022-05-17T01:50:52.307000Z", patch: { _id: null, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, ], sources: [ { db: "ZDI", id: "ZDI-20-610", }, ], }, references: { _id: null, data: [ { trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, ], sources: [ { db: "ZDI", id: "ZDI-20-610", }, ], }, sources: { _id: null, data: [ { db: "ZDI", id: "ZDI-20-610", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-610", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-610", ident: null, }, ], }, title: { _id: null, data: "Advantech WebAccess/SCADA DATACORE IOCTL 0x520B Heap-based Buffer Overflow Remote Code Execution Vulnerability", sources: [ { db: "ZDI", id: "ZDI-20-610", }, ], trust: 0.7, }, }
var-201909-0221
Vulnerability from variot
Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.1 allows a remote, unauthenticated attacker to execute arbitrary code via a crafted IOCTL 70603 RPC message. Advantech WebAccess/SCADA Contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer error vulnerability exists in Advantech WebAccess/SCADA version 8.4.1. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201909-0221", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 1.4, vendor: "advantech", version: "8.4.1", }, { model: "webaccess", scope: "eq", trust: 1, vendor: "advantech", version: "8.4.1", }, { model: null, scope: "eq", trust: 0.2, vendor: "webaccess", version: "8.4.1", }, ], sources: [ { db: "IVD", id: "6779568d-c80f-445b-ba8e-fa61163d09ad", }, { db: "CNVD", id: "CNVD-2019-32466", }, { db: "JVNDB", id: "JVNDB-2019-009167", }, { db: "NVD", id: "CVE-2019-3975", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess%2Fscada", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-009167", }, ], }, cve: "CVE-2019-3975", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2019-3975", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2019-32466", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "6779568d-c80f-445b-ba8e-fa61163d09ad", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-155410", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-3975", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-3975", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-3975", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2019-3975", trust: 0.8, value: "Critical", }, { author: "CNVD", id: "CNVD-2019-32466", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201909-431", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "6779568d-c80f-445b-ba8e-fa61163d09ad", trust: 0.2, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-155410", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "6779568d-c80f-445b-ba8e-fa61163d09ad", }, { db: "CNVD", id: "CNVD-2019-32466", }, { db: "VULHUB", id: "VHN-155410", }, { db: "JVNDB", id: "JVNDB-2019-009167", }, { db: "CNNVD", id: "CNNVD-201909-431", }, { db: "NVD", id: "CVE-2019-3975", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.1 allows a remote, unauthenticated attacker to execute arbitrary code via a crafted IOCTL 70603 RPC message. Advantech WebAccess/SCADA Contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer error vulnerability exists in Advantech WebAccess/SCADA version 8.4.1. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc", sources: [ { db: "NVD", id: "CVE-2019-3975", }, { db: "JVNDB", id: "JVNDB-2019-009167", }, { db: "CNVD", id: "CNVD-2019-32466", }, { db: "IVD", id: "6779568d-c80f-445b-ba8e-fa61163d09ad", }, { db: "VULHUB", id: "VHN-155410", }, ], trust: 2.43, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-3975", trust: 3.3, }, { db: "TENABLE", id: "TRA-2019-41", trust: 2.5, }, { db: "CNNVD", id: "CNNVD-201909-431", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-32466", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-009167", trust: 0.8, }, { db: "IVD", id: "6779568D-C80F-445B-BA8E-FA61163D09AD", trust: 0.2, }, { db: "VULHUB", id: "VHN-155410", trust: 0.1, }, ], sources: [ { db: "IVD", id: "6779568d-c80f-445b-ba8e-fa61163d09ad", }, { db: "CNVD", id: "CNVD-2019-32466", }, { db: "VULHUB", id: "VHN-155410", }, { db: "JVNDB", id: "JVNDB-2019-009167", }, { db: "CNNVD", id: "CNNVD-201909-431", }, { db: "NVD", id: "CVE-2019-3975", }, ], }, id: "VAR-201909-0221", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "6779568d-c80f-445b-ba8e-fa61163d09ad", }, { db: "CNVD", id: "CNVD-2019-32466", }, { db: "VULHUB", id: "VHN-155410", }, ], trust: 1.4466745799999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "6779568d-c80f-445b-ba8e-fa61163d09ad", }, { db: "CNVD", id: "CNVD-2019-32466", }, ], }, last_update_date: "2024-11-23T22:41:21.068000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess", trust: 0.8, url: "https://www.advantech.co.jp/industrial-automation/webaccess", }, { title: "Patch for Advantech WebAccess/SCADA Buffer Overflow Vulnerability (CNVD-2019-32466)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/181499", }, { title: "Advantech WebAccess/SCADA Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98025", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-32466", }, { db: "JVNDB", id: "JVNDB-2019-009167", }, { db: "CNNVD", id: "CNNVD-201909-431", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, { problemtype: "CWE-120", trust: 0.9, }, ], sources: [ { db: "VULHUB", id: "VHN-155410", }, { db: "JVNDB", id: "JVNDB-2019-009167", }, { db: "NVD", id: "CVE-2019-3975", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.5, url: "https://www.tenable.com/security/research/tra-2019-41", }, { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-3975", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3975", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-32466", }, { db: "VULHUB", id: "VHN-155410", }, { db: "JVNDB", id: "JVNDB-2019-009167", }, { db: "CNNVD", id: "CNNVD-201909-431", }, { db: "NVD", id: "CVE-2019-3975", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "6779568d-c80f-445b-ba8e-fa61163d09ad", }, { db: "CNVD", id: "CNVD-2019-32466", }, { db: "VULHUB", id: "VHN-155410", }, { db: "JVNDB", id: "JVNDB-2019-009167", }, { db: "CNNVD", id: "CNNVD-201909-431", }, { db: "NVD", id: "CVE-2019-3975", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-09-21T00:00:00", db: "IVD", id: "6779568d-c80f-445b-ba8e-fa61163d09ad", }, { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32466", }, { date: "2019-09-10T00:00:00", db: "VULHUB", id: "VHN-155410", }, { date: "2019-09-13T00:00:00", db: "JVNDB", id: "JVNDB-2019-009167", }, { date: "2019-09-10T00:00:00", db: "CNNVD", id: "CNNVD-201909-431", }, { date: "2019-09-10T16:15:12.667000", db: "NVD", id: "CVE-2019-3975", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32466", }, { date: "2019-09-11T00:00:00", db: "VULHUB", id: "VHN-155410", }, { date: "2019-09-13T00:00:00", db: "JVNDB", id: "JVNDB-2019-009167", }, { date: "2021-07-26T00:00:00", db: "CNNVD", id: "CNNVD-201909-431", }, { date: "2024-11-21T04:42:59.290000", db: "NVD", id: "CVE-2019-3975", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201909-431", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA Vulnerable to classic buffer overflow", sources: [ { db: "JVNDB", id: "JVNDB-2019-009167", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Buffer error", sources: [ { db: "IVD", id: "6779568d-c80f-445b-ba8e-fa61163d09ad", }, { db: "CNNVD", id: "CNNVD-201909-431", }, ], trust: 0.8, }, }
var-201902-0124
Vulnerability from variot
WebAccess/SCADA, Version 8.3. The software does not properly sanitize its inputs for SQL commands. WebAccess/SCADA Is SQL An injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A SQL injection vulnerability exists in Advantech WebAccess/SCADA version 8.3. A remote attacker can exploit the vulnerability to execute SQL commands by sending a specially crafted request. Advantech WebAccess/SCADA is prone to the following vulnerabilities: 1. Multiple authentication-bypass vulnerabilities 2. An SQL-injection vulnerability An attacker can exploit these issues to bypass certain security restrictions, perform unauthorized actions, modify the logic of SQL queries, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201902-0124", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 1.7, vendor: "advantech", version: "8.3", }, { model: "webaccess\\/scada", scope: "eq", trust: 1, vendor: "advantech", version: "8.3", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.4", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.2", }, { model: "webaccess/scada", scope: "ne", trust: 0.3, vendor: "advantech", version: "8.3.5", }, { model: null, scope: "eq", trust: 0.2, vendor: "webaccess scada", version: "8.3", }, ], sources: [ { db: "IVD", id: "7d85de81-463f-11e9-a845-000c29342cb1", }, { db: "CNVD", id: "CNVD-2019-03260", }, { db: "BID", id: "106722", }, { db: "JVNDB", id: "JVNDB-2019-001598", }, { db: "NVD", id: "CVE-2019-6523", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess%2Fscada", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-001598", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Devesh Logendran from Attila Cybertech Pte. Ltd.", sources: [ { db: "BID", id: "106722", }, { db: "CNNVD", id: "CNNVD-201901-890", }, ], trust: 0.9, }, cve: "CVE-2019-6523", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2019-6523", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.9, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2019-03260", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "7d85de81-463f-11e9-a845-000c29342cb1", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-157958", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-6523", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-6523", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2019-6523", trust: 0.8, value: "Critical", }, { author: "CNVD", id: "CNVD-2019-03260", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201901-890", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "7d85de81-463f-11e9-a845-000c29342cb1", trust: 0.2, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-157958", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2019-6523", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "7d85de81-463f-11e9-a845-000c29342cb1", }, { db: "CNVD", id: "CNVD-2019-03260", }, { db: "VULHUB", id: "VHN-157958", }, { db: "VULMON", id: "CVE-2019-6523", }, { db: "JVNDB", id: "JVNDB-2019-001598", }, { db: "CNNVD", id: "CNNVD-201901-890", }, { db: "NVD", id: "CVE-2019-6523", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "WebAccess/SCADA, Version 8.3. The software does not properly sanitize its inputs for SQL commands. WebAccess/SCADA Is SQL An injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A SQL injection vulnerability exists in Advantech WebAccess/SCADA version 8.3. A remote attacker can exploit the vulnerability to execute SQL commands by sending a specially crafted request. Advantech WebAccess/SCADA is prone to the following vulnerabilities:\n1. Multiple authentication-bypass vulnerabilities\n2. An SQL-injection vulnerability\nAn attacker can exploit these issues to bypass certain security restrictions, perform unauthorized actions, modify the logic of SQL queries, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database", sources: [ { db: "NVD", id: "CVE-2019-6523", }, { db: "JVNDB", id: "JVNDB-2019-001598", }, { db: "CNVD", id: "CNVD-2019-03260", }, { db: "BID", id: "106722", }, { db: "IVD", id: "7d85de81-463f-11e9-a845-000c29342cb1", }, { db: "VULHUB", id: "VHN-157958", }, { db: "VULMON", id: "CVE-2019-6523", }, ], trust: 2.79, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-6523", trust: 3.7, }, { db: "ICS CERT", id: "ICSA-19-024-01", trust: 3.5, }, { db: "BID", id: "106722", trust: 2.1, }, { db: "CNNVD", id: "CNNVD-201901-890", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-03260", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-001598", trust: 0.8, }, { db: "ICS CERT", id: "ICSA-19-024-01T", trust: 0.6, }, { db: "IVD", id: "7D85DE81-463F-11E9-A845-000C29342CB1", trust: 0.2, }, { db: "VULHUB", id: "VHN-157958", trust: 0.1, }, { db: "VULMON", id: "CVE-2019-6523", trust: 0.1, }, ], sources: [ { db: "IVD", id: "7d85de81-463f-11e9-a845-000c29342cb1", }, { db: "CNVD", id: "CNVD-2019-03260", }, { db: "VULHUB", id: "VHN-157958", }, { db: "VULMON", id: "CVE-2019-6523", }, { db: "BID", id: "106722", }, { db: "JVNDB", id: "JVNDB-2019-001598", }, { db: "CNNVD", id: "CNNVD-201901-890", }, { db: "NVD", id: "CVE-2019-6523", }, ], }, id: "VAR-201902-0124", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "7d85de81-463f-11e9-a845-000c29342cb1", }, { db: "CNVD", id: "CNVD-2019-03260", }, { db: "VULHUB", id: "VHN-157958", }, ], trust: 1.5586422, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "7d85de81-463f-11e9-a845-000c29342cb1", }, { db: "CNVD", id: "CNVD-2019-03260", }, ], }, last_update_date: "2024-11-23T22:37:55.435000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Top Page", trust: 0.8, url: "https://www.advantech.com/", }, { title: "Patch for Advantech WebAccess/SCADA SQL Injection Vulnerability (CNVD-2019-03260)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/151743", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-03260", }, { db: "JVNDB", id: "JVNDB-2019-001598", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-89", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-157958", }, { db: "JVNDB", id: "JVNDB-2019-001598", }, { db: "NVD", id: "CVE-2019-6523", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.6, url: "https://ics-cert.us-cert.gov/advisories/icsa-19-024-01", }, { trust: 1.8, url: "http://www.securityfocus.com/bid/106722", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-6523", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6523", }, { trust: 0.6, url: "https://ics-cert.us-cert.gov/advisories/icsa-19-024-01third party advisoryus government resource", }, { trust: 0.6, url: "http://www.securityfocus.com/bid/106722third party advisoryvdb entry", }, { trust: 0.3, url: "https://www.advantech.com/", }, { trust: 0.3, url: "https://support.advantech.com/support/downloadsrdetail_new.aspx?sr_id=1-ms9mjv&doc_source=download", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/89.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-03260", }, { db: "VULHUB", id: "VHN-157958", }, { db: "VULMON", id: "CVE-2019-6523", }, { db: "BID", id: "106722", }, { db: "JVNDB", id: "JVNDB-2019-001598", }, { db: "CNNVD", id: "CNNVD-201901-890", }, { db: "NVD", id: "CVE-2019-6523", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "7d85de81-463f-11e9-a845-000c29342cb1", }, { db: "CNVD", id: "CNVD-2019-03260", }, { db: "VULHUB", id: "VHN-157958", }, { db: "VULMON", id: "CVE-2019-6523", }, { db: "BID", id: "106722", }, { db: "JVNDB", id: "JVNDB-2019-001598", }, { db: "CNNVD", id: "CNNVD-201901-890", }, { db: "NVD", id: "CVE-2019-6523", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-01-30T00:00:00", db: "IVD", id: "7d85de81-463f-11e9-a845-000c29342cb1", }, { date: "2019-01-28T00:00:00", db: "CNVD", id: "CNVD-2019-03260", }, { date: "2019-02-05T00:00:00", db: "VULHUB", id: "VHN-157958", }, { date: "2019-02-05T00:00:00", db: "VULMON", id: "CVE-2019-6523", }, { date: "2019-01-24T00:00:00", db: "BID", id: "106722", }, { date: "2019-03-15T00:00:00", db: "JVNDB", id: "JVNDB-2019-001598", }, { date: "2019-01-25T00:00:00", db: "CNNVD", id: "CNNVD-201901-890", }, { date: "2019-02-05T21:29:00.863000", db: "NVD", id: "CVE-2019-6523", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-01-30T00:00:00", db: "CNVD", id: "CNVD-2019-03260", }, { date: "2019-02-06T00:00:00", db: "VULHUB", id: "VHN-157958", }, { date: "2019-02-06T00:00:00", db: "VULMON", id: "CVE-2019-6523", }, { date: "2019-01-24T00:00:00", db: "BID", id: "106722", }, { date: "2019-03-15T00:00:00", db: "JVNDB", id: "JVNDB-2019-001598", }, { date: "2019-04-01T00:00:00", db: "CNNVD", id: "CNNVD-201901-890", }, { date: "2024-11-21T04:46:37.410000", db: "NVD", id: "CVE-2019-6523", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201901-890", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "WebAccess/SCADA In SQL Injection vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2019-001598", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "SQL injection", sources: [ { db: "IVD", id: "7d85de81-463f-11e9-a845-000c29342cb1", }, { db: "CNNVD", id: "CNNVD-201901-890", }, ], trust: 0.8, }, }
var-201902-0122
Vulnerability from variot
WebAccess/SCADA, Version 8.3. An improper authentication vulnerability exists that could allow a possible authentication bypass allowing an attacker to upload malicious data. WebAccess/SCADA Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following vulnerabilities: 1. Multiple authentication-bypass vulnerabilities 2. An SQL-injection vulnerability An attacker can exploit these issues to bypass certain security restrictions, perform unauthorized actions, modify the logic of SQL queries, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201902-0122", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 1.7, vendor: "advantech", version: "8.3", }, { model: "webaccess\\/scada", scope: "eq", trust: 1, vendor: "advantech", version: "8.3", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.4", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.2", }, { model: "webaccess/scada", scope: "ne", trust: 0.3, vendor: "advantech", version: "8.3.5", }, { model: null, scope: "eq", trust: 0.2, vendor: "webaccess scada", version: "8.3", }, ], sources: [ { db: "IVD", id: "3889e774-abcc-4ee1-bf6b-535a4fba4cff", }, { db: "CNVD", id: "CNVD-2019-32480", }, { db: "BID", id: "106722", }, { db: "JVNDB", id: "JVNDB-2019-001596", }, { db: "NVD", id: "CVE-2019-6519", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess%2Fscada", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-001596", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Devesh Logendran from Attila Cybertech Pte. Ltd.", sources: [ { db: "BID", id: "106722", }, { db: "CNNVD", id: "CNNVD-201901-888", }, ], trust: 0.9, }, cve: "CVE-2019-6519", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2019-6519", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2019-32480", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "3889e774-abcc-4ee1-bf6b-535a4fba4cff", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-157954", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-6519", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-6519", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2019-6519", trust: 0.8, value: "Critical", }, { author: "CNVD", id: "CNVD-2019-32480", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201901-888", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "3889e774-abcc-4ee1-bf6b-535a4fba4cff", trust: 0.2, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-157954", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "3889e774-abcc-4ee1-bf6b-535a4fba4cff", }, { db: "CNVD", id: "CNVD-2019-32480", }, { db: "VULHUB", id: "VHN-157954", }, { db: "JVNDB", id: "JVNDB-2019-001596", }, { db: "CNNVD", id: "CNNVD-201901-888", }, { db: "NVD", id: "CVE-2019-6519", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "WebAccess/SCADA, Version 8.3. An improper authentication vulnerability exists that could allow a possible authentication bypass allowing an attacker to upload malicious data. WebAccess/SCADA Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following vulnerabilities:\n1. Multiple authentication-bypass vulnerabilities\n2. An SQL-injection vulnerability\nAn attacker can exploit these issues to bypass certain security restrictions, perform unauthorized actions, modify the logic of SQL queries, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database", sources: [ { db: "NVD", id: "CVE-2019-6519", }, { db: "JVNDB", id: "JVNDB-2019-001596", }, { db: "CNVD", id: "CNVD-2019-32480", }, { db: "BID", id: "106722", }, { db: "IVD", id: "3889e774-abcc-4ee1-bf6b-535a4fba4cff", }, { db: "VULHUB", id: "VHN-157954", }, ], trust: 2.7, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-6519", trust: 3.6, }, { db: "ICS CERT", id: "ICSA-19-024-01", trust: 2.8, }, { db: "BID", id: "106722", trust: 2, }, { db: "CNNVD", id: "CNNVD-201901-888", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-32480", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-001596", trust: 0.8, }, { db: "ICS CERT", id: "ICSA-19-024-01T", trust: 0.6, }, { db: "IVD", id: "3889E774-ABCC-4EE1-BF6B-535A4FBA4CFF", trust: 0.2, }, { db: "VULHUB", id: "VHN-157954", trust: 0.1, }, ], sources: [ { db: "IVD", id: "3889e774-abcc-4ee1-bf6b-535a4fba4cff", }, { db: "CNVD", id: "CNVD-2019-32480", }, { db: "VULHUB", id: "VHN-157954", }, { db: "BID", id: "106722", }, { db: "JVNDB", id: "JVNDB-2019-001596", }, { db: "CNNVD", id: "CNNVD-201901-888", }, { db: "NVD", id: "CVE-2019-6519", }, ], }, id: "VAR-201902-0122", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "3889e774-abcc-4ee1-bf6b-535a4fba4cff", }, { db: "CNVD", id: "CNVD-2019-32480", }, { db: "VULHUB", id: "VHN-157954", }, ], trust: 1.5586422, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "3889e774-abcc-4ee1-bf6b-535a4fba4cff", }, { db: "CNVD", id: "CNVD-2019-32480", }, ], }, last_update_date: "2024-11-23T22:37:55.518000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Top Page", trust: 0.8, url: "https://www.advantech.com/", }, { title: "Patch for Advantech WebAccess/SCADA Authorization Issue Vulnerability (CNVD-2019-32480)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/181479", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-32480", }, { db: "JVNDB", id: "JVNDB-2019-001596", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-287", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-157954", }, { db: "JVNDB", id: "JVNDB-2019-001596", }, { db: "NVD", id: "CVE-2019-6519", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.8, url: "https://ics-cert.us-cert.gov/advisories/icsa-19-024-01", }, { trust: 1.7, url: "http://www.securityfocus.com/bid/106722", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-6519", }, { trust: 0.9, url: "https://support.advantech.com/support/downloadsrdetail_new.aspx?sr_id=1-ms9mjv&doc_source=download", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6519", }, { trust: 0.6, url: "https://ics-cert.us-cert.gov/advisories/icsa-19-024-01third party advisoryus government resource", }, { trust: 0.6, url: "http://www.securityfocus.com/bid/106722third party advisoryvdb entry", }, { trust: 0.3, url: "https://www.advantech.com/", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-32480", }, { db: "VULHUB", id: "VHN-157954", }, { db: "BID", id: "106722", }, { db: "JVNDB", id: "JVNDB-2019-001596", }, { db: "CNNVD", id: "CNNVD-201901-888", }, { db: "NVD", id: "CVE-2019-6519", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "3889e774-abcc-4ee1-bf6b-535a4fba4cff", }, { db: "CNVD", id: "CNVD-2019-32480", }, { db: "VULHUB", id: "VHN-157954", }, { db: "BID", id: "106722", }, { db: "JVNDB", id: "JVNDB-2019-001596", }, { db: "CNNVD", id: "CNNVD-201901-888", }, { db: "NVD", id: "CVE-2019-6519", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-09-21T00:00:00", db: "IVD", id: "3889e774-abcc-4ee1-bf6b-535a4fba4cff", }, { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32480", }, { date: "2019-02-05T00:00:00", db: "VULHUB", id: "VHN-157954", }, { date: "2019-01-24T00:00:00", db: "BID", id: "106722", }, { date: "2019-03-15T00:00:00", db: "JVNDB", id: "JVNDB-2019-001596", }, { date: "2019-01-25T00:00:00", db: "CNNVD", id: "CNNVD-201901-888", }, { date: "2019-02-05T21:29:00.737000", db: "NVD", id: "CVE-2019-6519", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32480", }, { date: "2019-02-06T00:00:00", db: "VULHUB", id: "VHN-157954", }, { date: "2019-01-24T00:00:00", db: "BID", id: "106722", }, { date: "2019-03-15T00:00:00", db: "JVNDB", id: "JVNDB-2019-001596", }, { date: "2019-04-01T00:00:00", db: "CNNVD", id: "CNNVD-201901-888", }, { date: "2024-11-21T04:46:36.913000", db: "NVD", id: "CVE-2019-6519", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201901-888", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "WebAccess/SCADA Authentication vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2019-001596", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "authorization issue", sources: [ { db: "CNNVD", id: "CNNVD-201901-888", }, ], trust: 0.6, }, }
var-202006-1912
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Chinese company Advantech (Advantech).
Advantech WebAccess/SCADA has a command execution vulnerability that an attacker can use to execute malicious code.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1912", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29401", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2020-29401", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-29401", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29401", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Chinese company Advantech (Advantech).\n\r\n\r\nAdvantech WebAccess/SCADA has a command execution vulnerability that an attacker can use to execute malicious code.", sources: [ { db: "CNVD", id: "CNVD-2020-29401", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-29401", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29401", }, ], }, id: "VAR-202006-1912", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-29401", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29401", }, ], }, last_update_date: "2022-05-04T09:38:08.268000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess SCADA wanodejs.exe file has command execution vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/215705", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29401", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-29401", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-11T00:00:00", db: "CNVD", id: "CNVD-2020-29401", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-28T00:00:00", db: "CNVD", id: "CNVD-2020-29401", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has command execution vulnerability", sources: [ { db: "CNVD", id: "CNVD-2020-29401", }, ], trust: 0.6, }, }
var-201801-1494
Vulnerability from variot
A Path Traversal issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. An attacker has read access to files within the directory structure of the target device. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of the filename parameter of certUpdate.asp. The issue results from the lack of proper validation of user-supplied data, which can allow for the upload of arbitrary files. An attacker can leverage this vulnerability to execute code under the context of the current process. Advantech WebAccess is a browser-based human interface HMI software package, as well as monitoring and data acquisition SCADA. Advantech WebAccess/SCADA has a directory traversal vulnerability. Advantech WebAccess/SCADA is prone to a directory-traversal vulnerability and a SQL-injection vulnerability A remote attacker could exploit these issues to access data, or exploit latent vulnerabilities in the underlying database or use directory-traversal characters ('../') to access arbitrary files that contain sensitive information. Advantech WebAccess/SCADA is a browser-based SCADA software developed by Advantech. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201801-1494", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess\\/scada", scope: "lt", trust: 1, vendor: "advantech", version: "8.2_20170817", }, { model: "webaccess/scada", scope: "lt", trust: 0.8, vendor: "advantech", version: "8.2_20170817", }, { model: "webaccess node", scope: null, trust: 0.7, vendor: "advantech", version: null, }, { model: "webaccess/scada <v8.2 20170817", scope: null, trust: 0.6, vendor: "advantech", version: null, }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.1", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.0", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "7.2", }, { model: "webaccess/scada", scope: "ne", trust: 0.3, vendor: "advantech", version: "8.3", }, { model: null, scope: "eq", trust: 0.2, vendor: "webaccess scada", version: "*", }, ], sources: [ { db: "IVD", id: "e2e2b54f-39ab-11e9-b4d4-000c29342cb1", }, { db: "ZDI", id: "ZDI-18-142", }, { db: "CNVD", id: "CNVD-2018-01709", }, { db: "BID", id: "102781", }, { db: "JVNDB", id: "JVNDB-2018-001575", }, { db: "NVD", id: "CVE-2018-5445", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess%2Fscada", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2018-001575", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "rgod", sources: [ { db: "ZDI", id: "ZDI-18-142", }, ], trust: 0.7, }, cve: "CVE-2018-5445", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2018-5445", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "ZDI", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2018-5445", impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "HIGH", trust: 0.7, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2018-01709", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "e2e2b54f-39ab-11e9-b4d4-000c29342cb1", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-135476", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 3.9, id: "CVE-2018-5445", impactScore: 1.4, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2018-5445", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2018-5445", trust: 0.8, value: "Medium", }, { author: "ZDI", id: "CVE-2018-5445", trust: 0.7, value: "HIGH", }, { author: "CNVD", id: "CNVD-2018-01709", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201801-958", trust: 0.6, value: "MEDIUM", }, { author: "IVD", id: "e2e2b54f-39ab-11e9-b4d4-000c29342cb1", trust: 0.2, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-135476", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "e2e2b54f-39ab-11e9-b4d4-000c29342cb1", }, { db: "ZDI", id: "ZDI-18-142", }, { db: "CNVD", id: "CNVD-2018-01709", }, { db: "VULHUB", id: "VHN-135476", }, { db: "JVNDB", id: "JVNDB-2018-001575", }, { db: "CNNVD", id: "CNNVD-201801-958", }, { db: "NVD", id: "CVE-2018-5445", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A Path Traversal issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. An attacker has read access to files within the directory structure of the target device. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of the filename parameter of certUpdate.asp. The issue results from the lack of proper validation of user-supplied data, which can allow for the upload of arbitrary files. An attacker can leverage this vulnerability to execute code under the context of the current process. Advantech WebAccess is a browser-based human interface HMI software package, as well as monitoring and data acquisition SCADA. Advantech WebAccess/SCADA has a directory traversal vulnerability. Advantech WebAccess/SCADA is prone to a directory-traversal vulnerability and a SQL-injection vulnerability\nA remote attacker could exploit these issues to access data, or exploit latent vulnerabilities in the underlying database or use directory-traversal characters ('../') to access arbitrary files that contain sensitive information. Advantech WebAccess/SCADA is a browser-based SCADA software developed by Advantech. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment", sources: [ { db: "NVD", id: "CVE-2018-5445", }, { db: "JVNDB", id: "JVNDB-2018-001575", }, { db: "ZDI", id: "ZDI-18-142", }, { db: "CNVD", id: "CNVD-2018-01709", }, { db: "BID", id: "102781", }, { db: "IVD", id: "e2e2b54f-39ab-11e9-b4d4-000c29342cb1", }, { db: "VULHUB", id: "VHN-135476", }, ], trust: 3.33, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2018-5445", trust: 4.3, }, { db: "ICS CERT", id: "ICSA-18-023-01", trust: 3.4, }, { db: "BID", id: "102781", trust: 2, }, { db: "CNNVD", id: "CNNVD-201801-958", trust: 0.9, }, { db: "CNVD", id: "CNVD-2018-01709", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2018-001575", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-5492", trust: 0.7, }, { db: "ZDI", id: "ZDI-18-142", trust: 0.7, }, { db: "IVD", id: "E2E2B54F-39AB-11E9-B4D4-000C29342CB1", trust: 0.2, }, { db: "VULHUB", id: "VHN-135476", trust: 0.1, }, ], sources: [ { db: "IVD", id: "e2e2b54f-39ab-11e9-b4d4-000c29342cb1", }, { db: "ZDI", id: "ZDI-18-142", }, { db: "CNVD", id: "CNVD-2018-01709", }, { db: "VULHUB", id: "VHN-135476", }, { db: "BID", id: "102781", }, { db: "JVNDB", id: "JVNDB-2018-001575", }, { db: "CNNVD", id: "CNNVD-201801-958", }, { db: "NVD", id: "CVE-2018-5445", }, ], }, id: "VAR-201801-1494", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "e2e2b54f-39ab-11e9-b4d4-000c29342cb1", }, { db: "CNVD", id: "CNVD-2018-01709", }, { db: "VULHUB", id: "VHN-135476", }, ], trust: 1.6679344999999999, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "e2e2b54f-39ab-11e9-b4d4-000c29342cb1", }, { db: "CNVD", id: "CNVD-2018-01709", }, ], }, last_update_date: "2024-11-23T22:34:24.928000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "WebAccess/SCADA", trust: 0.8, url: "http://www.advantech.com/industrial-automation/webaccess/webaccessscada", }, { title: "Advantech has issued an update to correct this vulnerability.", trust: 0.7, url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-023-01", }, { title: "Advantech WebAccess/SCADA Directory Traversal Vulnerability Patch", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/114215", }, { title: "Advantech WebAccess/SCADA Repair measures for path traversal vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78082", }, ], sources: [ { db: "ZDI", id: "ZDI-18-142", }, { db: "CNVD", id: "CNVD-2018-01709", }, { db: "JVNDB", id: "JVNDB-2018-001575", }, { db: "CNNVD", id: "CNNVD-201801-958", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-22", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-135476", }, { db: "JVNDB", id: "JVNDB-2018-001575", }, { db: "NVD", id: "CVE-2018-5445", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.5, url: "https://ics-cert.us-cert.gov/advisories/icsa-18-023-01", }, { trust: 1.7, url: "http://www.securityfocus.com/bid/102781", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5445", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2018-5445", }, { trust: 0.6, url: "https://www.proxyit.cc/advisories/icsa-18-023-01", }, { trust: 0.3, url: "http://www.advantech.in/", }, { trust: 0.3, url: "http://www.advantech.com/industrial-automation/webaccess/webaccessscada", }, ], sources: [ { db: "ZDI", id: "ZDI-18-142", }, { db: "CNVD", id: "CNVD-2018-01709", }, { db: "VULHUB", id: "VHN-135476", }, { db: "BID", id: "102781", }, { db: "JVNDB", id: "JVNDB-2018-001575", }, { db: "CNNVD", id: "CNNVD-201801-958", }, { db: "NVD", id: "CVE-2018-5445", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "e2e2b54f-39ab-11e9-b4d4-000c29342cb1", }, { db: "ZDI", id: "ZDI-18-142", }, { db: "CNVD", id: "CNVD-2018-01709", }, { db: "VULHUB", id: "VHN-135476", }, { db: "BID", id: "102781", }, { db: "JVNDB", id: "JVNDB-2018-001575", }, { db: "CNNVD", id: "CNNVD-201801-958", }, { db: "NVD", id: "CVE-2018-5445", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2018-01-24T00:00:00", db: "IVD", id: "e2e2b54f-39ab-11e9-b4d4-000c29342cb1", }, { date: "2018-02-06T00:00:00", db: "ZDI", id: "ZDI-18-142", }, { date: "2018-01-24T00:00:00", db: "CNVD", id: "CNVD-2018-01709", }, { date: "2018-01-25T00:00:00", db: "VULHUB", id: "VHN-135476", }, { date: "2018-01-23T00:00:00", db: "BID", id: "102781", }, { date: "2018-02-26T00:00:00", db: "JVNDB", id: "JVNDB-2018-001575", }, { date: "2018-01-26T00:00:00", db: "CNNVD", id: "CNNVD-201801-958", }, { date: "2018-01-25T03:29:00.367000", db: "NVD", id: "CVE-2018-5445", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2018-02-09T00:00:00", db: "ZDI", id: "ZDI-18-142", }, { date: "2018-01-24T00:00:00", db: "CNVD", id: "CNVD-2018-01709", }, { date: "2019-10-09T00:00:00", db: "VULHUB", id: "VHN-135476", }, { date: "2018-01-23T00:00:00", db: "BID", id: "102781", }, { date: "2018-02-26T00:00:00", db: "JVNDB", id: "JVNDB-2018-001575", }, { date: "2019-10-17T00:00:00", db: "CNNVD", id: "CNNVD-201801-958", }, { date: "2024-11-21T04:08:49.057000", db: "NVD", id: "CVE-2018-5445", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201801-958", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA Path traversal vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2018-001575", }, { db: "CNNVD", id: "CNNVD-201801-958", }, ], trust: 1.4, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Path traversal", sources: [ { db: "IVD", id: "e2e2b54f-39ab-11e9-b4d4-000c29342cb1", }, { db: "CNNVD", id: "CNNVD-201801-958", }, ], trust: 0.8, }, }
var-202006-1903
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Chinese company Advantech (Advantech).
Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability, which can be exploited by an attacker to delete arbitrary files on the server.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1903", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29403", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2020-29403", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-29403", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29403", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Chinese company Advantech (Advantech).\n\r\n\r\nAdvantech WebAccess/SCADA has an arbitrary file deletion vulnerability, which can be exploited by an attacker to delete arbitrary files on the server.", sources: [ { db: "CNVD", id: "CNVD-2020-29403", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-29403", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29403", }, ], }, id: "VAR-202006-1903", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-29403", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29403", }, ], }, last_update_date: "2022-05-04T09:42:25.766000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess SCADA bwtalk4.exe file has system command injection vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/216135", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29403", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-29403", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-11T00:00:00", db: "CNVD", id: "CNVD-2020-29403", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-28T00:00:00", db: "CNVD", id: "CNVD-2020-29403", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has arbitrary file deletion vulnerability (CNVD-2020-29403)", sources: [ { db: "CNVD", id: "CNVD-2020-29403", }, ], trust: 0.6, }, }
var-202306-0130
Vulnerability from variot
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to modify the file extension of a certificate file to ASP when uploading it, which can lead to remote code execution. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from China Advantech Company. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202306-0130", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess\\/scada", scope: "lte", trust: 1, vendor: "advantech", version: "9.1.3", }, { model: "webaccess/scada", scope: "lte", trust: 0.6, vendor: "advantech", version: "<=9.1.3", }, ], sources: [ { db: "CNVD", id: "CNVD-2024-15541", }, { db: "NVD", id: "CVE-2023-32628", }, ], }, cve: "CVE-2023-32628", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CNVD-2024-15541", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2023-32628", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ics-cert@hq.dhs.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2023-32628", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-32628", trust: 1, value: "CRITICAL", }, { author: "ics-cert@hq.dhs.gov", id: "CVE-2023-32628", trust: 1, value: "HIGH", }, { author: "CNVD", id: "CNVD-2024-15541", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202306-087", trust: 0.6, value: "CRITICAL", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2024-15541", }, { db: "CNNVD", id: "CNNVD-202306-087", }, { db: "NVD", id: "CVE-2023-32628", }, { db: "NVD", id: "CVE-2023-32628", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "\n\n\n\n\nIn Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to modify the file extension of a certificate file to ASP when uploading it, which can lead to remote code execution. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from China Advantech Company. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment", sources: [ { db: "NVD", id: "CVE-2023-32628", }, { db: "CNVD", id: "CNVD-2024-15541", }, { db: "VULMON", id: "CVE-2023-32628", }, ], trust: 1.53, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-32628", trust: 2.3, }, { db: "ICS CERT", id: "ICSA-23-152-01", trust: 1.7, }, { db: "AUSCERT", id: "ESB-2023.3138", trust: 1.2, }, { db: "CNVD", id: "CNVD-2024-15541", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202306-087", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-32628", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2024-15541", }, { db: "VULMON", id: "CVE-2023-32628", }, { db: "CNNVD", id: "CNNVD-202306-087", }, { db: "NVD", id: "CVE-2023-32628", }, ], }, id: "VAR-202306-0130", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2024-15541", }, ], trust: 1.2586422, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2024-15541", }, ], }, last_update_date: "2024-08-14T14:43:12.454000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for Advantech WebAccess/SCADA arbitrary file upload vulnerability (CNVD-2024-15541)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/537536", }, { title: "Advantech WebAccess/SCADA Fixes for code issue vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=241309", }, ], sources: [ { db: "CNVD", id: "CNVD-2024-15541", }, { db: "CNNVD", id: "CNNVD-202306-087", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-434", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2023-32628", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-01", }, { trust: 1.2, url: "https://www.auscert.org.au/bulletins/esb-2023.3138", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-32628/", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2023-32628", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/434.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2024-15541", }, { db: "VULMON", id: "CVE-2023-32628", }, { db: "CNNVD", id: "CNNVD-202306-087", }, { db: "NVD", id: "CVE-2023-32628", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2024-15541", }, { db: "VULMON", id: "CVE-2023-32628", }, { db: "CNNVD", id: "CNNVD-202306-087", }, { db: "NVD", id: "CVE-2023-32628", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-03-29T00:00:00", db: "CNVD", id: "CNVD-2024-15541", }, { date: "2023-06-06T00:00:00", db: "VULMON", id: "CVE-2023-32628", }, { date: "2023-06-02T00:00:00", db: "CNNVD", id: "CNNVD-202306-087", }, { date: "2023-06-06T00:15:10.177000", db: "NVD", id: "CVE-2023-32628", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-03-29T00:00:00", db: "CNVD", id: "CNVD-2024-15541", }, { date: "2023-06-06T00:00:00", db: "VULMON", id: "CVE-2023-32628", }, { date: "2023-06-13T00:00:00", db: "CNNVD", id: "CNNVD-202306-087", }, { date: "2023-06-12T16:53:19.953000", db: "NVD", id: "CVE-2023-32628", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202306-087", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA arbitrary file upload vulnerability (CNVD-2024-15541)", sources: [ { db: "CNVD", id: "CNVD-2024-15541", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "code problem", sources: [ { db: "CNNVD", id: "CNNVD-202306-087", }, ], trust: 0.6, }, }
var-201906-0330
Vulnerability from variot
Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.0 allows a remote, unauthenticated attacker to execute arbitrary code by sending a crafted IOCTL 81024 RPC call. Advantech WebAccess/SCADA Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. AdvantechWebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer overflow vulnerability exists in AdvantechWebAccess/SCADA version 8.4.0. The vulnerability stems from a network system or product that does not properly validate data boundaries when performing operations on memory, causing erroneous read and write operations to be performed on other associated memory locations. An attacker could exploit the vulnerability to cause a buffer overflow or heap overflow
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201906-0330", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess", scope: "eq", trust: 1.8, vendor: "advantech", version: "8.4.0", }, { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "8.4.0", }, { model: null, scope: "eq", trust: 0.2, vendor: "webaccess", version: "8.4.0", }, ], sources: [ { db: "IVD", id: "fd36fffd-9d2a-4d51-ac7d-baa7412a79ad", }, { db: "CNVD", id: "CNVD-2019-18839", }, { db: "JVNDB", id: "JVNDB-2019-005594", }, { db: "NVD", id: "CVE-2019-3954", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-005594", }, ], }, cve: "CVE-2019-3954", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2019-3954", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2019-18839", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "fd36fffd-9d2a-4d51-ac7d-baa7412a79ad", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-155389", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-3954", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-3954", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2019-3954", trust: 0.8, value: "Critical", }, { author: "CNVD", id: "CNVD-2019-18839", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201906-724", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "fd36fffd-9d2a-4d51-ac7d-baa7412a79ad", trust: 0.2, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-155389", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "fd36fffd-9d2a-4d51-ac7d-baa7412a79ad", }, { db: "CNVD", id: "CNVD-2019-18839", }, { db: "VULHUB", id: "VHN-155389", }, { db: "JVNDB", id: "JVNDB-2019-005594", }, { db: "CNNVD", id: "CNNVD-201906-724", }, { db: "NVD", id: "CVE-2019-3954", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.0 allows a remote, unauthenticated attacker to execute arbitrary code by sending a crafted IOCTL 81024 RPC call. Advantech WebAccess/SCADA Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. AdvantechWebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer overflow vulnerability exists in AdvantechWebAccess/SCADA version 8.4.0. The vulnerability stems from a network system or product that does not properly validate data boundaries when performing operations on memory, causing erroneous read and write operations to be performed on other associated memory locations. An attacker could exploit the vulnerability to cause a buffer overflow or heap overflow", sources: [ { db: "NVD", id: "CVE-2019-3954", }, { db: "JVNDB", id: "JVNDB-2019-005594", }, { db: "CNVD", id: "CNVD-2019-18839", }, { db: "IVD", id: "fd36fffd-9d2a-4d51-ac7d-baa7412a79ad", }, { db: "VULHUB", id: "VHN-155389", }, ], trust: 2.43, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-3954", trust: 3.3, }, { db: "TENABLE", id: "TRA-2019-28", trust: 3.1, }, { db: "CNNVD", id: "CNNVD-201906-724", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-18839", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-005594", trust: 0.8, }, { db: "IVD", id: "FD36FFFD-9D2A-4D51-AC7D-BAA7412A79AD", trust: 0.2, }, { db: "VULHUB", id: "VHN-155389", trust: 0.1, }, ], sources: [ { db: "IVD", id: "fd36fffd-9d2a-4d51-ac7d-baa7412a79ad", }, { db: "CNVD", id: "CNVD-2019-18839", }, { db: "VULHUB", id: "VHN-155389", }, { db: "JVNDB", id: "JVNDB-2019-005594", }, { db: "CNNVD", id: "CNNVD-201906-724", }, { db: "NVD", id: "CVE-2019-3954", }, ], }, id: "VAR-201906-0330", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "fd36fffd-9d2a-4d51-ac7d-baa7412a79ad", }, { db: "CNVD", id: "CNVD-2019-18839", }, { db: "VULHUB", id: "VHN-155389", }, ], trust: 1.4466745799999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "fd36fffd-9d2a-4d51-ac7d-baa7412a79ad", }, { db: "CNVD", id: "CNVD-2019-18839", }, ], }, last_update_date: "2024-11-23T22:33:57.134000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess", trust: 0.8, url: "https://www.advantech.co.jp/industrial-automation/webaccess", }, { title: "Patch for AdvantechWebAccess/SCADA Buffer Overflow Vulnerability (CNVD-2019-18839)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/164439", }, { title: "Advantech WebAccess/SCADA Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93906", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-18839", }, { db: "JVNDB", id: "JVNDB-2019-005594", }, { db: "CNNVD", id: "CNNVD-201906-724", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1.1, }, { problemtype: "CWE-119", trust: 0.9, }, ], sources: [ { db: "VULHUB", id: "VHN-155389", }, { db: "JVNDB", id: "JVNDB-2019-005594", }, { db: "NVD", id: "CVE-2019-3954", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.1, url: "https://www.tenable.com/security/research/tra-2019-28", }, { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-3954", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3954", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-18839", }, { db: "VULHUB", id: "VHN-155389", }, { db: "JVNDB", id: "JVNDB-2019-005594", }, { db: "CNNVD", id: "CNNVD-201906-724", }, { db: "NVD", id: "CVE-2019-3954", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "fd36fffd-9d2a-4d51-ac7d-baa7412a79ad", }, { db: "CNVD", id: "CNVD-2019-18839", }, { db: "VULHUB", id: "VHN-155389", }, { db: "JVNDB", id: "JVNDB-2019-005594", }, { db: "CNNVD", id: "CNNVD-201906-724", }, { db: "NVD", id: "CVE-2019-3954", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-06-21T00:00:00", db: "IVD", id: "fd36fffd-9d2a-4d51-ac7d-baa7412a79ad", }, { date: "2019-06-21T00:00:00", db: "CNVD", id: "CNVD-2019-18839", }, { date: "2019-06-19T00:00:00", db: "VULHUB", id: "VHN-155389", }, { date: "2019-06-24T00:00:00", db: "JVNDB", id: "JVNDB-2019-005594", }, { date: "2019-06-18T00:00:00", db: "CNNVD", id: "CNNVD-201906-724", }, { date: "2019-06-19T00:15:13.360000", db: "NVD", id: "CVE-2019-3954", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-06-21T00:00:00", db: "CNVD", id: "CNVD-2019-18839", }, { date: "2020-08-24T00:00:00", db: "VULHUB", id: "VHN-155389", }, { date: "2019-06-24T00:00:00", db: "JVNDB", id: "JVNDB-2019-005594", }, { date: "2020-08-25T00:00:00", db: "CNNVD", id: "CNNVD-201906-724", }, { date: "2024-11-21T04:42:56.187000", db: "NVD", id: "CVE-2019-3954", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201906-724", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA Buffer error vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2019-005594", }, { db: "CNNVD", id: "CNNVD-201906-724", }, ], trust: 1.4, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Buffer error", sources: [ { db: "IVD", id: "fd36fffd-9d2a-4d51-ac7d-baa7412a79ad", }, { db: "CNNVD", id: "CNNVD-201906-724", }, ], trust: 0.8, }, }
var-202011-1558
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202011-1558", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58466", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2020-58466", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-58466", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58466", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has an arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.", sources: [ { db: "CNVD", id: "CNVD-2020-58466", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-58466", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58466", }, ], }, id: "VAR-202011-1558", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-58466", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58466", }, ], }, last_update_date: "2022-05-04T08:52:25.592000Z", sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-58466", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-11-28T00:00:00", db: "CNVD", id: "CNVD-2020-58466", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-25T00:00:00", db: "CNVD", id: "CNVD-2020-58466", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability (CNVD-2020-58466)", sources: [ { db: "CNVD", id: "CNVD-2020-58466", }, ], trust: 0.6, }, }
var-202005-1238
Vulnerability from variot
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of IOCTL 0x5208 in datacore.exe. The issue results from the lack of proper validation of user-supplied data, which can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202005-1238", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: null, trust: 0.7, vendor: "advantech", version: null, }, ], sources: [ { db: "ZDI", id: "ZDI-20-608", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Z0mb1E", sources: [ { db: "ZDI", id: "ZDI-20-608", }, ], trust: 0.7, }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "ZDI-20-608", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 0.7, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "ZDI", id: "ZDI-20-608", trust: 0.7, value: "CRITICAL", }, ], }, ], sources: [ { db: "ZDI", id: "ZDI-20-608", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of IOCTL 0x5208 in datacore.exe. The issue results from the lack of proper validation of user-supplied data, which can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.", sources: [ { db: "ZDI", id: "ZDI-20-608", }, ], trust: 0.7, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "ZDI_CAN", id: "ZDI-CAN-9938", trust: 0.7, }, { db: "ZDI", id: "ZDI-20-608", trust: 0.7, }, ], sources: [ { db: "ZDI", id: "ZDI-20-608", }, ], }, id: "VAR-202005-1238", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.6405517, }, last_update_date: "2022-05-17T01:59:53.584000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, ], sources: [ { db: "ZDI", id: "ZDI-20-608", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, ], sources: [ { db: "ZDI", id: "ZDI-20-608", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "ZDI", id: "ZDI-20-608", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-608", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-608", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA DATACORE IOCTL 0x5208 Heap-based Buffer Overflow Remote Code Execution Vulnerability", sources: [ { db: "ZDI", id: "ZDI-20-608", }, ], trust: 0.7, }, }
var-202008-1272
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has a command execution vulnerability. Attackers can use the vulnerability to execute console commands.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1272", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48616", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "CNVD-2020-48616", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-48616", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48616", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has a command execution vulnerability. Attackers can use the vulnerability to execute console commands.", sources: [ { db: "CNVD", id: "CNVD-2020-48616", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-48616", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48616", }, ], }, id: "VAR-202008-1272", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-48616", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48616", }, ], }, last_update_date: "2022-05-04T10:15:04.588000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess SCADA wshom control WshShell class run member has command execution vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/225709", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48616", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-48616", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-28T00:00:00", db: "CNVD", id: "CNVD-2020-48616", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-27T00:00:00", db: "CNVD", id: "CNVD-2020-48616", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has command execution vulnerability (CNVD-2020-48616)", sources: [ { db: "CNVD", id: "CNVD-2020-48616", }, ], trust: 0.6, }, }
var-201906-1025
Vulnerability from variot
In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator. WebAccess/SCADA Contains a path traversal vulnerability.Information may be tampered with. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x2715 IOCTL in the webvrpcs process. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following security vulnerabilities: 1. A directory-traversal vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. Multiple heap-based buffer-overflow vulnerabilities 4. An information disclosure vulnerability 5. Multiple remote-code execution vulnerabilities An attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences (â??../â??) to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks. Advantech WebAccess/SCADA Versions 8.3.5 and prior versions are vulnerable
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess", scope: "lte", trust: 1.8, vendor: "advantech", version: "8.3.5", }, { _id: null, model: "webaccess", scope: null, trust: 0.7, vendor: "advantech", version: null, }, { _id: null, model: "webaccess/scada", scope: "lte", trust: 0.6, vendor: "advantech", version: "<=8.3.5", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.5", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.4", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.2", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.1", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.0", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "7.2", }, { _id: null, model: "webaccess/scada", scope: "ne", trust: 0.3, vendor: "advantech", version: "8.4.1", }, { _id: null, model: null, scope: "eq", trust: 0.2, vendor: "webaccess", version: "*", }, ], sources: [ { db: "IVD", id: "ca331763-0568-4e00-aca9-d10db9f939d6", }, { db: "ZDI", id: "ZDI-19-622", }, { db: "CNVD", id: "CNVD-2019-32476", }, { db: "BID", id: "108923", }, { db: "JVNDB", id: "JVNDB-2019-005816", }, { db: "NVD", id: "CVE-2019-10985", }, ], }, configurations: { _id: null, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-005816", }, ], }, credits: { _id: null, data: "Mat Powell of Trend Micro Zero Day Initiative", sources: [ { db: "ZDI", id: "ZDI-19-622", }, ], trust: 0.7, }, cve: "CVE-2019-10985", cvss: { _id: null, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2019-10985", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2019-32476", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "ca331763-0568-4e00-aca9-d10db9f939d6", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "VHN-142586", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:N/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2019-10985", impactScore: 5.2, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2019-10985", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2019-10985", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 0.7, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-10985", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2019-10985", trust: 0.8, value: "High", }, { author: "ZDI", id: "CVE-2019-10985", trust: 0.7, value: "HIGH", }, { author: "CNVD", id: "CNVD-2019-32476", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201906-1074", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "ca331763-0568-4e00-aca9-d10db9f939d6", trust: 0.2, value: "HIGH", }, { author: "VULHUB", id: "VHN-142586", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "ca331763-0568-4e00-aca9-d10db9f939d6", }, { db: "ZDI", id: "ZDI-19-622", }, { db: "CNVD", id: "CNVD-2019-32476", }, { db: "VULHUB", id: "VHN-142586", }, { db: "JVNDB", id: "JVNDB-2019-005816", }, { db: "CNNVD", id: "CNNVD-201906-1074", }, { db: "NVD", id: "CVE-2019-10985", }, ], }, description: { _id: null, data: "In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator. WebAccess/SCADA Contains a path traversal vulnerability.Information may be tampered with. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x2715 IOCTL in the webvrpcs process. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following security vulnerabilities:\n1. A directory-traversal vulnerability\n2. Multiple stack-based buffer-overflow vulnerabilities\n3. Multiple heap-based buffer-overflow vulnerabilities\n4. An information disclosure vulnerability\n5. Multiple remote-code execution vulnerabilities\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences (â??../â??) to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks. \nAdvantech WebAccess/SCADA Versions 8.3.5 and prior versions are vulnerable", sources: [ { db: "NVD", id: "CVE-2019-10985", }, { db: "JVNDB", id: "JVNDB-2019-005816", }, { db: "ZDI", id: "ZDI-19-622", }, { db: "CNVD", id: "CNVD-2019-32476", }, { db: "BID", id: "108923", }, { db: "IVD", id: "ca331763-0568-4e00-aca9-d10db9f939d6", }, { db: "VULHUB", id: "VHN-142586", }, ], trust: 3.33, }, external_ids: { _id: null, data: [ { db: "NVD", id: "CVE-2019-10985", trust: 4.3, }, { db: "ZDI", id: "ZDI-19-622", trust: 3, }, { db: "ICS CERT", id: "ICSA-19-178-05", trust: 2.8, }, { db: "CNNVD", id: "CNNVD-201906-1074", trust: 0.9, }, { db: "BID", id: "108923", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-32476", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-005816", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-8194", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2019.2350", trust: 0.6, }, { db: "IVD", id: "CA331763-0568-4E00-ACA9-D10DB9F939D6", trust: 0.2, }, { db: "VULHUB", id: "VHN-142586", trust: 0.1, }, ], sources: [ { db: "IVD", id: "ca331763-0568-4e00-aca9-d10db9f939d6", }, { db: "ZDI", id: "ZDI-19-622", }, { db: "CNVD", id: "CNVD-2019-32476", }, { db: "VULHUB", id: "VHN-142586", }, { db: "BID", id: "108923", }, { db: "JVNDB", id: "JVNDB-2019-005816", }, { db: "CNNVD", id: "CNNVD-201906-1074", }, { db: "NVD", id: "CVE-2019-10985", }, ], }, id: "VAR-201906-1025", iot: { _id: null, data: true, sources: [ { db: "IVD", id: "ca331763-0568-4e00-aca9-d10db9f939d6", }, { db: "CNVD", id: "CNVD-2019-32476", }, { db: "VULHUB", id: "VHN-142586", }, ], trust: 1.4466745799999998, }, iot_taxonomy: { _id: null, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "ca331763-0568-4e00-aca9-d10db9f939d6", }, { db: "CNVD", id: "CNVD-2019-32476", }, ], }, last_update_date: "2024-11-23T21:52:09.506000Z", patch: { _id: null, data: [ { title: "Advantech WebAccess", trust: 0.8, url: "https://www.advantech.co.jp/industrial-automation/webaccess", }, { title: "Advantech has issued an update to correct this vulnerability.", trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-19-178-05", }, { title: "Patch for Advantech WebAccess/SCADA Path Traversal Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/181493", }, { title: "Advantech WebAccess/SCADA Repair measures for path traversal vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=94177", }, ], sources: [ { db: "ZDI", id: "ZDI-19-622", }, { db: "CNVD", id: "CNVD-2019-32476", }, { db: "JVNDB", id: "JVNDB-2019-005816", }, { db: "CNNVD", id: "CNNVD-201906-1074", }, ], }, problemtype_data: { _id: null, data: [ { problemtype: "CWE-22", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-142586", }, { db: "JVNDB", id: "JVNDB-2019-005816", }, { db: "NVD", id: "CVE-2019-10985", }, ], }, references: { _id: null, data: [ { trust: 3.5, url: "https://www.us-cert.gov/ics/advisories/icsa-19-178-05", }, { trust: 2.3, url: "https://www.zerodayinitiative.com/advisories/zdi-19-622/", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-10985", }, { trust: 0.9, url: "http://webaccess.advantech.com", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10985", }, { trust: 0.6, url: "https://www.securityfocus.com/bid/108923", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2350/", }, ], sources: [ { db: "ZDI", id: "ZDI-19-622", }, { db: "CNVD", id: "CNVD-2019-32476", }, { db: "VULHUB", id: "VHN-142586", }, { db: "BID", id: "108923", }, { db: "JVNDB", id: "JVNDB-2019-005816", }, { db: "CNNVD", id: "CNNVD-201906-1074", }, { db: "NVD", id: "CVE-2019-10985", }, ], }, sources: { _id: null, data: [ { db: "IVD", id: "ca331763-0568-4e00-aca9-d10db9f939d6", ident: null, }, { db: "ZDI", id: "ZDI-19-622", ident: null, }, { db: "CNVD", id: "CNVD-2019-32476", ident: null, }, { db: "VULHUB", id: "VHN-142586", ident: null, }, { db: "BID", id: "108923", ident: null, }, { db: "JVNDB", id: "JVNDB-2019-005816", ident: null, }, { db: "CNNVD", id: "CNNVD-201906-1074", ident: null, }, { db: "NVD", id: "CVE-2019-10985", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2019-09-21T00:00:00", db: "IVD", id: "ca331763-0568-4e00-aca9-d10db9f939d6", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-622", ident: null, }, { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32476", ident: null, }, { date: "2019-06-28T00:00:00", db: "VULHUB", id: "VHN-142586", ident: null, }, { date: "2019-06-27T00:00:00", db: "BID", id: "108923", ident: null, }, { date: "2019-07-02T00:00:00", db: "JVNDB", id: "JVNDB-2019-005816", ident: null, }, { date: "2019-06-27T00:00:00", db: "CNNVD", id: "CNNVD-201906-1074", ident: null, }, { date: "2019-06-28T21:15:11.117000", db: "NVD", id: "CVE-2019-10985", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-622", ident: null, }, { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32476", ident: null, }, { date: "2023-03-02T00:00:00", db: "VULHUB", id: "VHN-142586", ident: null, }, { date: "2019-06-27T00:00:00", db: "BID", id: "108923", ident: null, }, { date: "2019-07-02T00:00:00", db: "JVNDB", id: "JVNDB-2019-005816", ident: null, }, { date: "2023-03-03T00:00:00", db: "CNNVD", id: "CNNVD-201906-1074", ident: null, }, { date: "2024-11-21T04:20:17.927000", db: "NVD", id: "CVE-2019-10985", ident: null, }, ], }, threat_type: { _id: null, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201906-1074", }, ], trust: 0.6, }, title: { _id: null, data: "Advantech WebAccess/SCADA Path traversal vulnerability", sources: [ { db: "IVD", id: "ca331763-0568-4e00-aca9-d10db9f939d6", }, { db: "CNVD", id: "CNVD-2019-32476", }, { db: "CNNVD", id: "CNNVD-201906-1074", }, ], trust: 1.4, }, type: { _id: null, data: "Path traversal", sources: [ { db: "IVD", id: "ca331763-0568-4e00-aca9-d10db9f939d6", }, { db: "CNNVD", id: "CNNVD-201906-1074", }, ], trust: 0.8, }, }
var-202005-1241
Vulnerability from variot
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of IOCTL 0x5213 in datacore.exe. The issue results from the lack of proper validation of user-supplied data, which can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202005-1241", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: null, trust: 0.7, vendor: "advantech", version: null, }, ], sources: [ { db: "ZDI", id: "ZDI-20-609", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Z0mb1E", sources: [ { db: "ZDI", id: "ZDI-20-609", }, ], trust: 0.7, }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "ZDI-20-609", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 0.7, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "ZDI", id: "ZDI-20-609", trust: 0.7, value: "CRITICAL", }, ], }, ], sources: [ { db: "ZDI", id: "ZDI-20-609", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of IOCTL 0x5213 in datacore.exe. The issue results from the lack of proper validation of user-supplied data, which can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.", sources: [ { db: "ZDI", id: "ZDI-20-609", }, ], trust: 0.7, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "ZDI_CAN", id: "ZDI-CAN-9939", trust: 0.7, }, { db: "ZDI", id: "ZDI-20-609", trust: 0.7, }, ], sources: [ { db: "ZDI", id: "ZDI-20-609", }, ], }, id: "VAR-202005-1241", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.6405517, }, last_update_date: "2022-05-17T01:47:48.169000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, ], sources: [ { db: "ZDI", id: "ZDI-20-609", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, ], sources: [ { db: "ZDI", id: "ZDI-20-609", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "ZDI", id: "ZDI-20-609", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-609", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-609", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA DATACORE IOCTL 0x5213 Heap-based Buffer Overflow Remote Code Execution Vulnerability", sources: [ { db: "ZDI", id: "ZDI-20-609", }, ], trust: 0.7, }, }
var-202108-0791
Vulnerability from variot
The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1). Advantech Provided by the company WebAccess/SCADA Is browser-based SCADA It is a software package. WebAccess/SCADA The following multiple vulnerabilities exist in. * Cross-site scripting (CWE-79) - CVE-2021-22676 ‥ * Relative path traversal (CWE-23) - CVE-2021-22674 ‥ * Stack-based buffer overflow (CWE-121) - CVE-2021-32943The expected impact depends on each vulnerability, but it may be affected as follows. * Crafted by a remote third party JavaScript When the code is sent, cookie/ Session tokens can be hijacked, redirected to malicious websites, or unintentionally manipulated in a web browser - CVE-2021-22676 ‥ * A remote third party can access the product's files and directories without authentication. - CVE-2021-22674 ‥ * Arbitrary code executed by a remote third party - CVE-2021-32943.
A buffer overflow vulnerability exists in Advantech WebAccess/SCADA that stems from the product's failure to properly validate data boundaries. An attacker can use this vulnerability to cause stack overflow. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202108-0791", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess\\/scada", scope: "lt", trust: 1, vendor: "advantech", version: "8.4.5", }, { model: "webaccess\\/scada", scope: "lt", trust: 1, vendor: "advantech", version: "9.0.1", }, { model: "webaccess\\/scada", scope: "gte", trust: 1, vendor: "advantech", version: "9.0", }, { model: "webaccess/scada", scope: "lt", trust: 0.8, vendor: "アドバンテック株式会社", version: "8.4.5 earlier s (v8.4 system )", }, { model: "webaccess/scada", scope: "lt", trust: 0.8, vendor: "アドバンテック株式会社", version: "9.0.1 earlier s (v9.0 system )", }, { model: "webaccess/scada", scope: "eq", trust: 0.8, vendor: "アドバンテック株式会社", version: null, }, { model: "webaccess/scada", scope: "lt", trust: 0.6, vendor: "advantech", version: "8.4.5", }, { model: "webaccess/scada", scope: "lt", trust: 0.6, vendor: "advantech", version: "9.0.1", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-59234", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "NVD", id: "CVE-2021-32943", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "reported these vulnerabilities to CISA.,Chizuru Toyama of TXOne IoT/ICS Security Research Labs, working with Trend Micro’s Zero Day Initiative", sources: [ { db: "CNNVD", id: "CNNVD-202108-456", }, ], trust: 0.6, }, cve: "CVE-2021-32943", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2021-32943", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2021-59234", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-392929", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2021-32943", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "OTHER", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2021-002265", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-32943", trust: 1, value: "CRITICAL", }, { author: "OTHER", id: "JVNDB-2021-002265", trust: 0.8, value: "Critical", }, { author: "CNVD", id: "CNVD-2021-59234", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202108-456", trust: 0.6, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-392929", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2021-32943", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-59234", }, { db: "VULHUB", id: "VHN-392929", }, { db: "VULMON", id: "CVE-2021-32943", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202108-456", }, { db: "NVD", id: "CVE-2021-32943", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1). Advantech Provided by the company WebAccess/SCADA Is browser-based SCADA It is a software package. WebAccess/SCADA The following multiple vulnerabilities exist in. * Cross-site scripting (CWE-79) - CVE-2021-22676 ‥ * Relative path traversal (CWE-23) - CVE-2021-22674 ‥ * Stack-based buffer overflow (CWE-121) - CVE-2021-32943The expected impact depends on each vulnerability, but it may be affected as follows. * Crafted by a remote third party JavaScript When the code is sent, cookie/ Session tokens can be hijacked, redirected to malicious websites, or unintentionally manipulated in a web browser - CVE-2021-22676 ‥ * A remote third party can access the product's files and directories without authentication. - CVE-2021-22674 ‥ * Arbitrary code executed by a remote third party - CVE-2021-32943. \n\r\n\r\nA buffer overflow vulnerability exists in Advantech WebAccess/SCADA that stems from the product's failure to properly validate data boundaries. An attacker can use this vulnerability to cause stack overflow. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements", sources: [ { db: "NVD", id: "CVE-2021-32943", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "CNVD", id: "CNVD-2021-59234", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "VULHUB", id: "VHN-392929", }, { db: "VULMON", id: "CVE-2021-32943", }, ], trust: 2.88, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "ICS CERT", id: "ICSA-21-217-04", trust: 3.2, }, { db: "NVD", id: "CVE-2021-32943", trust: 3.2, }, { db: "JVN", id: "JVNVU92588420", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2021-002265", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-59234", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.2656", trust: 0.6, }, { db: "CS-HELP", id: "SB2021080606", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202108-456", trust: 0.6, }, { db: "VULHUB", id: "VHN-392929", trust: 0.1, }, { db: "VULMON", id: "CVE-2021-32943", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-59234", }, { db: "VULHUB", id: "VHN-392929", }, { db: "VULMON", id: "CVE-2021-32943", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202108-456", }, { db: "NVD", id: "CVE-2021-32943", }, ], }, id: "VAR-202108-0791", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-59234", }, { db: "VULHUB", id: "VHN-392929", }, ], trust: 1.3586421999999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-59234", }, ], }, last_update_date: "2024-08-14T13:05:43.795000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "WebAccess/SCADA", trust: 0.8, url: "https://www.advantech.tw/support/details/installation?id=1-MS9MJV", }, { title: "Patch for Advantech WebAccess/SCADA Buffer Overflow Vulnerability (CNVD-2021-59234)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/284486", }, { title: "Advantech WebAccess/SCADA Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=158744", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-59234", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "CNNVD", id: "CNNVD-202108-456", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1.1, }, { problemtype: "CWE-121", trust: 1, }, { problemtype: "Stack-based buffer overflow (CWE-121) [ Other ]", trust: 0.8, }, { problemtype: " Relative path traversal (CWE-23) [ Other ]", trust: 0.8, }, { problemtype: " Cross-site scripting (CWE-79) [ Other ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-392929", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "NVD", id: "CVE-2021-32943", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.8, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-217-04", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnvu92588420", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021080606", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.2656", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/787.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-59234", }, { db: "VULHUB", id: "VHN-392929", }, { db: "VULMON", id: "CVE-2021-32943", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202108-456", }, { db: "NVD", id: "CVE-2021-32943", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-59234", }, { db: "VULHUB", id: "VHN-392929", }, { db: "VULMON", id: "CVE-2021-32943", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202108-456", }, { db: "NVD", id: "CVE-2021-32943", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-08-08T00:00:00", db: "CNVD", id: "CNVD-2021-59234", }, { date: "2021-08-10T00:00:00", db: "VULHUB", id: "VHN-392929", }, { date: "2021-08-10T00:00:00", db: "VULMON", id: "CVE-2021-32943", }, { date: "2021-08-10T00:00:00", db: "JVNDB", id: "JVNDB-2021-002265", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-08-05T00:00:00", db: "CNNVD", id: "CNNVD-202108-456", }, { date: "2021-08-10T15:15:07.700000", db: "NVD", id: "CVE-2021-32943", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-01-18T00:00:00", db: "CNVD", id: "CNVD-2021-59234", }, { date: "2021-08-17T00:00:00", db: "VULHUB", id: "VHN-392929", }, { date: "2021-08-17T00:00:00", db: "VULMON", id: "CVE-2021-32943", }, { date: "2021-08-10T06:49:00", db: "JVNDB", id: "JVNDB-2021-002265", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-08-18T00:00:00", db: "CNNVD", id: "CNNVD-202108-456", }, { date: "2021-08-17T18:42:07.610000", db: "NVD", id: "CVE-2021-32943", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202108-456", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech Made WebAccess/SCADA Multiple vulnerabilities in", sources: [ { db: "JVNDB", id: "JVNDB-2021-002265", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202104-975", }, ], trust: 0.6, }, }
var-202011-1539
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202011-1539", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58463", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2020-58463", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-58463", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58463", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has an arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.", sources: [ { db: "CNVD", id: "CNVD-2020-58463", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-58463", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58463", }, ], }, id: "VAR-202011-1539", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-58463", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58463", }, ], }, last_update_date: "2022-05-04T09:27:54.359000Z", sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-58463", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-11-28T00:00:00", db: "CNVD", id: "CNVD-2020-58463", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-25T00:00:00", db: "CNVD", id: "CNVD-2020-58463", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability (CNVD-2020-58463)", sources: [ { db: "CNVD", id: "CNVD-2020-58463", }, ], trust: 0.6, }, }
var-202108-0261
Vulnerability from variot
The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1). Advantech Provided by the company WebAccess/SCADA Is browser-based SCADA It is a software package. WebAccess/SCADA The following multiple vulnerabilities exist in. * Cross-site scripting (CWE-79) - CVE-2021-22676 ‥ * Relative path traversal (CWE-23) - CVE-2021-22674 ‥ * Stack-based buffer overflow (CWE-121) - CVE-2021-32943The expected impact depends on each vulnerability, but it may be affected as follows. * Crafted by a remote third party JavaScript When the code is sent, cookie/ Session tokens can be hijacked, redirected to malicious websites, or unintentionally manipulated in a web browser - CVE-2021-22676 ‥ * A remote third party can access the product's files and directories without authentication. - CVE-2021-22674 ‥ * Arbitrary code executed by a remote third party - CVE-2021-32943.
A path traversal vulnerability exists in Advantech WebAccess/SCADA that stems from the product's failure to add access to input data. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202108-0261", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess\\/scada", scope: "lt", trust: 1, vendor: "advantech", version: "8.4.5", }, { model: "webaccess\\/scada", scope: "lt", trust: 1, vendor: "advantech", version: "9.0.1", }, { model: "webaccess\\/scada", scope: "gte", trust: 1, vendor: "advantech", version: "9.0", }, { model: "webaccess/scada", scope: "lt", trust: 0.8, vendor: "アドバンテック株式会社", version: "8.4.5 earlier s (v8.4 system )", }, { model: "webaccess/scada", scope: "lt", trust: 0.8, vendor: "アドバンテック株式会社", version: "9.0.1 earlier s (v9.0 system )", }, { model: "webaccess/scada", scope: "eq", trust: 0.8, vendor: "アドバンテック株式会社", version: null, }, { model: "webaccess/scada", scope: "lt", trust: 0.6, vendor: "advantech", version: "8.4.5", }, { model: "webaccess/scada", scope: "lt", trust: 0.6, vendor: "advantech", version: "9.0.1", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-59235", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "NVD", id: "CVE-2021-22674", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "reported these vulnerabilities to CISA.,Chizuru Toyama of TXOne IoT/ICS Security Research Labs, working with Trend Micro’s Zero Day Initiative", sources: [ { db: "CNNVD", id: "CNNVD-202108-453", }, ], trust: 0.6, }, cve: "CVE-2021-22674", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, id: "CVE-2021-22674", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2021-59235", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, id: "VHN-381111", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:S/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, id: "CVE-2021-22674", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "OTHER", availabilityImpact: "None", baseScore: 6.5, baseSeverity: "Medium", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2021-002265", impactScore: null, integrityImpact: "None", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-22674", trust: 1, value: "MEDIUM", }, { author: "OTHER", id: "JVNDB-2021-002265", trust: 0.8, value: "Medium", }, { author: "CNVD", id: "CNVD-2021-59235", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202108-453", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-381111", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2021-22674", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-59235", }, { db: "VULHUB", id: "VHN-381111", }, { db: "VULMON", id: "CVE-2021-22674", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202108-453", }, { db: "NVD", id: "CVE-2021-22674", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1). Advantech Provided by the company WebAccess/SCADA Is browser-based SCADA It is a software package. WebAccess/SCADA The following multiple vulnerabilities exist in. * Cross-site scripting (CWE-79) - CVE-2021-22676 ‥ * Relative path traversal (CWE-23) - CVE-2021-22674 ‥ * Stack-based buffer overflow (CWE-121) - CVE-2021-32943The expected impact depends on each vulnerability, but it may be affected as follows. * Crafted by a remote third party JavaScript When the code is sent, cookie/ Session tokens can be hijacked, redirected to malicious websites, or unintentionally manipulated in a web browser - CVE-2021-22676 ‥ * A remote third party can access the product's files and directories without authentication. - CVE-2021-22674 ‥ * Arbitrary code executed by a remote third party - CVE-2021-32943. \n\r\n\r\nA path traversal vulnerability exists in Advantech WebAccess/SCADA that stems from the product's failure to add access to input data. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements", sources: [ { db: "NVD", id: "CVE-2021-22674", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "CNVD", id: "CNVD-2021-59235", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "VULHUB", id: "VHN-381111", }, { db: "VULMON", id: "CVE-2021-22674", }, ], trust: 2.88, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "ICS CERT", id: "ICSA-21-217-04", trust: 3.2, }, { db: "NVD", id: "CVE-2021-22674", trust: 3.2, }, { db: "JVN", id: "JVNVU92588420", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2021-002265", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-59235", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.2656", trust: 0.6, }, { db: "CS-HELP", id: "SB2021080606", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202108-453", trust: 0.6, }, { db: "VULHUB", id: "VHN-381111", trust: 0.1, }, { db: "VULMON", id: "CVE-2021-22674", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-59235", }, { db: "VULHUB", id: "VHN-381111", }, { db: "VULMON", id: "CVE-2021-22674", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202108-453", }, { db: "NVD", id: "CVE-2021-22674", }, ], }, id: "VAR-202108-0261", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-59235", }, { db: "VULHUB", id: "VHN-381111", }, ], trust: 1.3586421999999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-59235", }, ], }, last_update_date: "2024-08-14T12:17:33.545000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "WebAccess/SCADA", trust: 0.8, url: "https://www.advantech.tw/support/details/installation?id=1-MS9MJV", }, { title: "Patch for Advantech WebAccess/SCADA Path Traversal Vulnerability (CNVD-2021-59235)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/284491", }, { title: "Advantech WebAccess/SCADA Repair measures for path traversal vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=158741", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-59235", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "CNNVD", id: "CNNVD-202108-453", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-22", trust: 1.1, }, { problemtype: "CWE-23", trust: 1, }, { problemtype: "Stack-based buffer overflow (CWE-121) [ Other ]", trust: 0.8, }, { problemtype: " Relative path traversal (CWE-23) [ Other ]", trust: 0.8, }, { problemtype: " Cross-site scripting (CWE-79) [ Other ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-381111", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "NVD", id: "CVE-2021-22674", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.8, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-217-04", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnvu92588420", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021080606", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.2656", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/22.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-59235", }, { db: "VULHUB", id: "VHN-381111", }, { db: "VULMON", id: "CVE-2021-22674", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202108-453", }, { db: "NVD", id: "CVE-2021-22674", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-59235", }, { db: "VULHUB", id: "VHN-381111", }, { db: "VULMON", id: "CVE-2021-22674", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202108-453", }, { db: "NVD", id: "CVE-2021-22674", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-08-08T00:00:00", db: "CNVD", id: "CNVD-2021-59235", }, { date: "2021-08-10T00:00:00", db: "VULHUB", id: "VHN-381111", }, { date: "2021-08-10T00:00:00", db: "VULMON", id: "CVE-2021-22674", }, { date: "2021-08-10T00:00:00", db: "JVNDB", id: "JVNDB-2021-002265", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-08-05T00:00:00", db: "CNNVD", id: "CNNVD-202108-453", }, { date: "2021-08-10T14:15:07.250000", db: "NVD", id: "CVE-2021-22674", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-01-18T00:00:00", db: "CNVD", id: "CNVD-2021-59235", }, { date: "2021-08-17T00:00:00", db: "VULHUB", id: "VHN-381111", }, { date: "2021-08-17T00:00:00", db: "VULMON", id: "CVE-2021-22674", }, { date: "2021-08-10T06:49:00", db: "JVNDB", id: "JVNDB-2021-002265", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-08-18T00:00:00", db: "CNNVD", id: "CNNVD-202108-453", }, { date: "2021-08-17T20:57:45.050000", db: "NVD", id: "CVE-2021-22674", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202108-453", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech Made WebAccess/SCADA Multiple vulnerabilities in", sources: [ { db: "JVNDB", id: "JVNDB-2021-002265", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202104-975", }, ], trust: 0.6, }, }
var-202008-1297
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has a command execution vulnerability. Attackers can use the vulnerability to execute console commands.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1297", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48618", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "CNVD-2020-48618", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-48618", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48618", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has a command execution vulnerability. Attackers can use the vulnerability to execute console commands.", sources: [ { db: "CNVD", id: "CNVD-2020-48618", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-48618", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48618", }, ], }, id: "VAR-202008-1297", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-48618", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48618", }, ], }, last_update_date: "2022-05-04T09:42:19.867000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess SCADA wshom control WshShell class exec member has a command execution vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/225697", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48618", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-48618", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-28T00:00:00", db: "CNVD", id: "CNVD-2020-48618", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-27T00:00:00", db: "CNVD", id: "CNVD-2020-48618", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has command execution vulnerability (CNVD-2020-48618)", sources: [ { db: "CNVD", id: "CNVD-2020-48618", }, ], trust: 0.6, }, }
var-202102-0023
Vulnerability from variot
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege. Advantech WebAccess/SCADA Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202102-0023", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess\\/scada", scope: "eq", trust: 1, vendor: "advantech", version: "9.0.1", }, { model: "webaccess/scada", scope: "eq", trust: 0.8, vendor: "アドバンテック株式会社", version: "9.0.1", }, { model: "webaccess/scada", scope: "eq", trust: 0.8, vendor: "アドバンテック株式会社", version: null, }, { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.1", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11306", }, { db: "JVNDB", id: "JVNDB-2020-016181", }, { db: "NVD", id: "CVE-2020-13553", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Discovered by Yuri Kramarz of Cisco Talos.", sources: [ { db: "CNNVD", id: "CNNVD-202102-1260", }, ], trust: 0.6, }, cve: "CVE-2020-13553", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "CVE-2020-13553", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1.8, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "CNVD-2021-11306", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "VHN-166343", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:L/AC:L/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "talos-cna@cisco.com", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2, id: "CVE-2020-13553", impactScore: 6, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "LOCAL", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2, id: "CVE-2020-13553", impactScore: 6, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-13553", trust: 1, value: "HIGH", }, { author: "talos-cna@cisco.com", id: "CVE-2020-13553", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2020-13553", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2021-11306", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202102-1260", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-166343", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11306", }, { db: "VULHUB", id: "VHN-166343", }, { db: "JVNDB", id: "JVNDB-2020-016181", }, { db: "CNNVD", id: "CNNVD-202102-1260", }, { db: "NVD", id: "CVE-2020-13553", }, { db: "NVD", id: "CVE-2020-13553", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege. Advantech WebAccess/SCADA Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment", sources: [ { db: "NVD", id: "CVE-2020-13553", }, { db: "JVNDB", id: "JVNDB-2020-016181", }, { db: "CNVD", id: "CNVD-2021-11306", }, { db: "VULHUB", id: "VHN-166343", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-13553", trust: 3.1, }, { db: "TALOS", id: "TALOS-2020-1169", trust: 3.1, }, { db: "JVNDB", id: "JVNDB-2020-016181", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-11306", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202102-1260", trust: 0.6, }, { db: "VULHUB", id: "VHN-166343", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11306", }, { db: "VULHUB", id: "VHN-166343", }, { db: "JVNDB", id: "JVNDB-2020-016181", }, { db: "CNNVD", id: "CNNVD-202102-1260", }, { db: "NVD", id: "CVE-2020-13553", }, ], }, id: "VAR-202102-0023", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-11306", }, { db: "VULHUB", id: "VHN-166343", }, ], trust: 1.3586421999999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11306", }, ], }, last_update_date: "2024-11-23T22:40:46.713000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "WebAccess/SCADA", trust: 0.8, url: "https://www.advantech.com/industrial-automation/webaccess/webaccessscada", }, { title: "Advantech WebAccess/SCADA Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142127", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-016181", }, { db: "CNNVD", id: "CNNVD-202102-1260", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-276", trust: 1.1, }, { problemtype: "Improper authority management (CWE-269) [NVD Evaluation ]", trust: 0.8, }, { problemtype: "CWE-269", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-166343", }, { db: "JVNDB", id: "JVNDB-2020-016181", }, { db: "NVD", id: "CVE-2020-13553", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.1, url: "https://talosintelligence.com/vulnerability_reports/talos-2020-1169", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-13553", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11306", }, { db: "VULHUB", id: "VHN-166343", }, { db: "JVNDB", id: "JVNDB-2020-016181", }, { db: "CNNVD", id: "CNNVD-202102-1260", }, { db: "NVD", id: "CVE-2020-13553", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-11306", }, { db: "VULHUB", id: "VHN-166343", }, { db: "JVNDB", id: "JVNDB-2020-016181", }, { db: "CNNVD", id: "CNNVD-202102-1260", }, { db: "NVD", id: "CVE-2020-13553", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-02-22T00:00:00", db: "CNVD", id: "CNVD-2021-11306", }, { date: "2021-02-17T00:00:00", db: "VULHUB", id: "VHN-166343", }, { date: "2021-11-12T00:00:00", db: "JVNDB", id: "JVNDB-2020-016181", }, { date: "2021-02-16T00:00:00", db: "CNNVD", id: "CNNVD-202102-1260", }, { date: "2021-02-17T19:15:12.510000", db: "NVD", id: "CVE-2020-13553", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-02-22T00:00:00", db: "CNVD", id: "CNVD-2021-11306", }, { date: "2022-06-29T00:00:00", db: "VULHUB", id: "VHN-166343", }, { date: "2021-11-12T01:08:00", db: "JVNDB", id: "JVNDB-2020-016181", }, { date: "2022-04-20T00:00:00", db: "CNNVD", id: "CNNVD-202102-1260", }, { date: "2024-11-21T05:01:29.047000", db: "NVD", id: "CVE-2020-13553", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-202102-1260", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA Vulnerability in privilege management", sources: [ { db: "JVNDB", id: "JVNDB-2020-016181", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202102-1260", }, ], trust: 0.6, }, }
var-202010-1639
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has a denial of service vulnerability. An attacker can use this vulnerability to cause a denial of service.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202010-1639", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.1", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-57242", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2020-57242", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-57242", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-57242", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has a denial of service vulnerability. An attacker can use this vulnerability to cause a denial of service.", sources: [ { db: "CNVD", id: "CNVD-2020-57242", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-57242", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-57242", }, ], }, id: "VAR-202010-1639", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-57242", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-57242", }, ], }, last_update_date: "2022-05-04T10:14:58.953000Z", sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-57242", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-19T00:00:00", db: "CNVD", id: "CNVD-2020-57242", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-19T00:00:00", db: "CNVD", id: "CNVD-2020-57242", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has a denial of service vulnerability (CNVD-2020-57242)", sources: [ { db: "CNVD", id: "CNVD-2020-57242", }, ], trust: 0.6, }, }
var-202005-0312
Vulnerability from variot
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control. Advantech WebAccess Node Exists in a past traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x0000277d in ViewSrv.dll. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202005-0312", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess", scope: "eq", trust: 1.8, vendor: "advantech", version: "9.0.0", }, { model: "webaccess/scada", scope: null, trust: 1.4, vendor: "advantech", version: null, }, { model: "webaccess", scope: "lte", trust: 1, vendor: "advantech", version: "8.4.4", }, { model: "webaccess", scope: "eq", trust: 0.8, vendor: "advantech", version: "8.4.4", }, { model: "webaccess node", scope: "gte", trust: 0.6, vendor: "advantech", version: "8.4.4", }, { model: "webaccess node", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, { model: null, scope: "eq", trust: 0.4, vendor: "webaccess", version: "*", }, { model: null, scope: "eq", trust: 0.4, vendor: "webaccess", version: "9.0.0", }, ], sources: [ { db: "IVD", id: "f4254815-d8f8-4350-9a94-696eea61a062", }, { db: "IVD", id: "7b562860-41d1-412d-8d4e-7ed58e4b7f7d", }, { db: "ZDI", id: "ZDI-20-626", }, { db: "ZDI", id: "ZDI-20-627", }, { db: "CNVD", id: "CNVD-2020-29742", }, { db: "JVNDB", id: "JVNDB-2020-005147", }, { db: "NVD", id: "CVE-2020-12026", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-005147", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Z0mb1E", sources: [ { db: "ZDI", id: "ZDI-20-626", }, { db: "ZDI", id: "ZDI-20-627", }, ], trust: 1.4, }, cve: "CVE-2020-12026", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, id: "CVE-2020-12026", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Partial", baseScore: 6.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "JVNDB-2020-005147", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, id: "CNVD-2020-29742", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, id: "f4254815-d8f8-4350-9a94-696eea61a062", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, id: "7b562860-41d1-412d-8d4e-7ed58e4b7f7d", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, id: "VHN-164663", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:S/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2020-12026", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.4, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, id: "CVE-2020-12026", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 8.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-005147", impactScore: null, integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "ZDI", id: "CVE-2020-12026", trust: 1.4, value: "CRITICAL", }, { author: "nvd@nist.gov", id: "CVE-2020-12026", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-005147", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-29742", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202005-303", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "f4254815-d8f8-4350-9a94-696eea61a062", trust: 0.2, value: "HIGH", }, { author: "IVD", id: "7b562860-41d1-412d-8d4e-7ed58e4b7f7d", trust: 0.2, value: "HIGH", }, { author: "VULHUB", id: "VHN-164663", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2020-12026", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "f4254815-d8f8-4350-9a94-696eea61a062", }, { db: "IVD", id: "7b562860-41d1-412d-8d4e-7ed58e4b7f7d", }, { db: "ZDI", id: "ZDI-20-626", }, { db: "ZDI", id: "ZDI-20-627", }, { db: "CNVD", id: "CNVD-2020-29742", }, { db: "VULHUB", id: "VHN-164663", }, { db: "VULMON", id: "CVE-2020-12026", }, { db: "JVNDB", id: "JVNDB-2020-005147", }, { db: "CNNVD", id: "CNNVD-202005-303", }, { db: "NVD", id: "CVE-2020-12026", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control. Advantech WebAccess Node Exists in a past traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x0000277d in ViewSrv.dll. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required", sources: [ { db: "NVD", id: "CVE-2020-12026", }, { db: "JVNDB", id: "JVNDB-2020-005147", }, { db: "ZDI", id: "ZDI-20-626", }, { db: "ZDI", id: "ZDI-20-627", }, { db: "CNVD", id: "CNVD-2020-29742", }, { db: "IVD", id: "f4254815-d8f8-4350-9a94-696eea61a062", }, { db: "IVD", id: "7b562860-41d1-412d-8d4e-7ed58e4b7f7d", }, { db: "VULHUB", id: "VHN-164663", }, { db: "VULMON", id: "CVE-2020-12026", }, ], trust: 3.96, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-12026", trust: 5, }, { db: "ICS CERT", id: "ICSA-20-128-01", trust: 3.2, }, { db: "ZDI", id: "ZDI-20-626", trust: 2.5, }, { db: "ZDI", id: "ZDI-20-627", trust: 1.4, }, { db: "CNVD", id: "CNVD-2020-29742", trust: 1.1, }, { db: "CNNVD", id: "CNNVD-202005-303", trust: 1.1, }, { db: "JVN", id: "JVNVU93292753", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2020-005147", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-9907", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9899", trust: 0.7, }, { db: "NSFOCUS", id: "47694", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.1646", trust: 0.6, }, { db: "IVD", id: "F4254815-D8F8-4350-9A94-696EEA61A062", trust: 0.2, }, { db: "IVD", id: "7B562860-41D1-412D-8D4E-7ED58E4B7F7D", trust: 0.2, }, { db: "VULHUB", id: "VHN-164663", trust: 0.1, }, { db: "VULMON", id: "CVE-2020-12026", trust: 0.1, }, ], sources: [ { db: "IVD", id: "f4254815-d8f8-4350-9a94-696eea61a062", }, { db: "IVD", id: "7b562860-41d1-412d-8d4e-7ed58e4b7f7d", }, { db: "ZDI", id: "ZDI-20-626", }, { db: "ZDI", id: "ZDI-20-627", }, { db: "CNVD", id: "CNVD-2020-29742", }, { db: "VULHUB", id: "VHN-164663", }, { db: "VULMON", id: "CVE-2020-12026", }, { db: "JVNDB", id: "JVNDB-2020-005147", }, { db: "CNNVD", id: "CNNVD-202005-303", }, { db: "NVD", id: "CVE-2020-12026", }, ], }, id: "VAR-202005-0312", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "f4254815-d8f8-4350-9a94-696eea61a062", }, { db: "IVD", id: "7b562860-41d1-412d-8d4e-7ed58e4b7f7d", }, { db: "CNVD", id: "CNVD-2020-29742", }, { db: "VULHUB", id: "VHN-164663", }, ], trust: 1.679503486666667, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 1, }, ], sources: [ { db: "IVD", id: "f4254815-d8f8-4350-9a94-696eea61a062", }, { db: "IVD", id: "7b562860-41d1-412d-8d4e-7ed58e4b7f7d", }, { db: "CNVD", id: "CNVD-2020-29742", }, ], }, last_update_date: "2024-11-23T21:59:18.592000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, { title: "Top Page", trust: 0.8, url: "https://www.advantech.com/", }, { title: "Patch for Advantech WebAccess Node Path Traversal Vulnerability (CNVD-2020-29742)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/218851", }, { title: "Advantech WebAccess Node Repair measures for path traversal vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=118654", }, ], sources: [ { db: "ZDI", id: "ZDI-20-626", }, { db: "ZDI", id: "ZDI-20-627", }, { db: "CNVD", id: "CNVD-2020-29742", }, { db: "JVNDB", id: "JVNDB-2020-005147", }, { db: "CNNVD", id: "CNNVD-202005-303", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-22", trust: 1.9, }, { problemtype: "CWE-23", trust: 1, }, ], sources: [ { db: "VULHUB", id: "VHN-164663", }, { db: "JVNDB", id: "JVNDB-2020-005147", }, { db: "NVD", id: "CVE-2020-12026", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.8, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-01", }, { trust: 1.8, url: "https://www.zerodayinitiative.com/advisories/zdi-20-626/", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-12026", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12026", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu93292753/", }, { trust: 0.7, url: "https://www.zerodayinitiative.com/advisories/zdi-20-627/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.1646/", }, { trust: 0.6, url: "http://www.nsfocus.net/vulndb/47694", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/22.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "ZDI", id: "ZDI-20-626", }, { db: "ZDI", id: "ZDI-20-627", }, { db: "CNVD", id: "CNVD-2020-29742", }, { db: "VULHUB", id: "VHN-164663", }, { db: "VULMON", id: "CVE-2020-12026", }, { db: "JVNDB", id: "JVNDB-2020-005147", }, { db: "CNNVD", id: "CNNVD-202005-303", }, { db: "NVD", id: "CVE-2020-12026", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "f4254815-d8f8-4350-9a94-696eea61a062", }, { db: "IVD", id: "7b562860-41d1-412d-8d4e-7ed58e4b7f7d", }, { db: "ZDI", id: "ZDI-20-626", }, { db: "ZDI", id: "ZDI-20-627", }, { db: "CNVD", id: "CNVD-2020-29742", }, { db: "VULHUB", id: "VHN-164663", }, { db: "VULMON", id: "CVE-2020-12026", }, { db: "JVNDB", id: "JVNDB-2020-005147", }, { db: "CNNVD", id: "CNNVD-202005-303", }, { db: "NVD", id: "CVE-2020-12026", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-07T00:00:00", db: "IVD", id: "f4254815-d8f8-4350-9a94-696eea61a062", }, { date: "2020-05-07T00:00:00", db: "IVD", id: "7b562860-41d1-412d-8d4e-7ed58e4b7f7d", }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-626", }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-627", }, { date: "2020-05-25T00:00:00", db: "CNVD", id: "CNVD-2020-29742", }, { date: "2020-05-08T00:00:00", db: "VULHUB", id: "VHN-164663", }, { date: "2020-05-08T00:00:00", db: "VULMON", id: "CVE-2020-12026", }, { date: "2020-06-08T00:00:00", db: "JVNDB", id: "JVNDB-2020-005147", }, { date: "2020-05-07T00:00:00", db: "CNNVD", id: "CNNVD-202005-303", }, { date: "2020-05-08T12:15:11.443000", db: "NVD", id: "CVE-2020-12026", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-626", }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-627", }, { date: "2020-05-25T00:00:00", db: "CNVD", id: "CNVD-2020-29742", }, { date: "2021-09-23T00:00:00", db: "VULHUB", id: "VHN-164663", }, { date: "2020-05-11T00:00:00", db: "VULMON", id: "CVE-2020-12026", }, { date: "2020-06-08T00:00:00", db: "JVNDB", id: "JVNDB-2020-005147", }, { date: "2021-01-04T00:00:00", db: "CNNVD", id: "CNNVD-202005-303", }, { date: "2024-11-21T04:59:08.347000", db: "NVD", id: "CVE-2020-12026", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202005-303", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess Node Past Traversal Vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2020-005147", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Path traversal", sources: [ { db: "IVD", id: "f4254815-d8f8-4350-9a94-696eea61a062", }, { db: "IVD", id: "7b562860-41d1-412d-8d4e-7ed58e4b7f7d", }, { db: "CNNVD", id: "CNNVD-202005-303", }, ], trust: 1, }, }
var-202006-1920
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Chinese company Advantech (Advantech).
Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability, which can be exploited by an attacker to delete arbitrary files on the server.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1920", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29402", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2020-29402", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-29402", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29402", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Chinese company Advantech (Advantech).\n\r\n\r\nAdvantech WebAccess/SCADA has an arbitrary file deletion vulnerability, which can be exploited by an attacker to delete arbitrary files on the server.", sources: [ { db: "CNVD", id: "CNVD-2020-29402", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-29402", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29402", }, ], }, id: "VAR-202006-1920", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-29402", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29402", }, ], }, last_update_date: "2022-05-04T10:10:55.576000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess SCADA bwtalk.exe file has system command injection vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/215709", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29402", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-29402", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-11T00:00:00", db: "CNVD", id: "CNVD-2020-29402", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-28T00:00:00", db: "CNVD", id: "CNVD-2020-29402", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has arbitrary file deletion vulnerability (CNVD-2020-29402)", sources: [ { db: "CNVD", id: "CNVD-2020-29402", }, ], trust: 0.6, }, }
var-202108-0262
Vulnerability from variot
UserExcelOut.asp within WebAccess/SCADA is vulnerable to cross-site scripting (XSS), which could allow an attacker to send malicious JavaScript code. This could result in hijacking of cookie/session tokens, redirection to a malicious webpage, and unintended browser action on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1). Advantech Provided by the company WebAccess/SCADA Is browser-based SCADA It is a software package. WebAccess/SCADA The following multiple vulnerabilities exist in. * Cross-site scripting (CWE-79) - CVE-2021-22676 ‥ * Relative path traversal (CWE-23) - CVE-2021-22674 ‥ * Stack-based buffer overflow (CWE-121) - CVE-2021-32943The expected impact depends on each vulnerability, but it may be affected as follows. * Crafted by a remote third party JavaScript When the code is sent, cookie/ Session tokens can be hijacked, redirected to malicious websites, or unintentionally manipulated in a web browser - CVE-2021-22676 ‥ * A remote third party can access the product's files and directories without authentication. - CVE-2021-22674 ‥ * Arbitrary code executed by a remote third party - CVE-2021-32943.
A cross-site scripting vulnerability exists in Advantech WebAccess/SCADA, which stems from UserExcelOut.asp failing to properly verify the correctness of user data. An attacker could use this vulnerability to hijack the cookie session token and execute client-side code. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202108-0262", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess\\/scada", scope: "lt", trust: 1, vendor: "advantech", version: "8.4.5", }, { model: "webaccess\\/scada", scope: "lt", trust: 1, vendor: "advantech", version: "9.0.1", }, { model: "webaccess\\/scada", scope: "gte", trust: 1, vendor: "advantech", version: "9.0", }, { model: "webaccess/scada", scope: "lt", trust: 0.8, vendor: "アドバンテック株式会社", version: "8.4.5 earlier s (v8.4 system )", }, { model: "webaccess/scada", scope: "lt", trust: 0.8, vendor: "アドバンテック株式会社", version: "9.0.1 earlier s (v9.0 system )", }, { model: "webaccess/scada", scope: "eq", trust: 0.8, vendor: "アドバンテック株式会社", version: null, }, { model: "webaccess/scada", scope: "lt", trust: 0.6, vendor: "advantech", version: "8.4.5", }, { model: "webaccess/scada", scope: "lt", trust: 0.6, vendor: "advantech", version: "9.0.1", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-59236", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "NVD", id: "CVE-2021-22676", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "reported these vulnerabilities to CISA.,Chizuru Toyama of TXOne IoT/ICS Security Research Labs, working with Trend Micro’s Zero Day Initiative", sources: [ { db: "CNNVD", id: "CNNVD-202108-459", }, ], trust: 0.6, }, cve: "CVE-2021-22676", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CVE-2021-22676", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 6.4, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2021-59236", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "VHN-381113", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2021-22676", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "OTHER", availabilityImpact: "None", baseScore: 6.5, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "JVNDB-2021-002265", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-22676", trust: 1, value: "MEDIUM", }, { author: "OTHER", id: "JVNDB-2021-002265", trust: 0.8, value: "Medium", }, { author: "CNVD", id: "CNVD-2021-59236", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202108-459", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-381113", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2021-22676", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-59236", }, { db: "VULHUB", id: "VHN-381113", }, { db: "VULMON", id: "CVE-2021-22676", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202108-459", }, { db: "NVD", id: "CVE-2021-22676", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "UserExcelOut.asp within WebAccess/SCADA is vulnerable to cross-site scripting (XSS), which could allow an attacker to send malicious JavaScript code. This could result in hijacking of cookie/session tokens, redirection to a malicious webpage, and unintended browser action on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1). Advantech Provided by the company WebAccess/SCADA Is browser-based SCADA It is a software package. WebAccess/SCADA The following multiple vulnerabilities exist in. * Cross-site scripting (CWE-79) - CVE-2021-22676 ‥ * Relative path traversal (CWE-23) - CVE-2021-22674 ‥ * Stack-based buffer overflow (CWE-121) - CVE-2021-32943The expected impact depends on each vulnerability, but it may be affected as follows. * Crafted by a remote third party JavaScript When the code is sent, cookie/ Session tokens can be hijacked, redirected to malicious websites, or unintentionally manipulated in a web browser - CVE-2021-22676 ‥ * A remote third party can access the product's files and directories without authentication. - CVE-2021-22674 ‥ * Arbitrary code executed by a remote third party - CVE-2021-32943. \n\r\n\r\nA cross-site scripting vulnerability exists in Advantech WebAccess/SCADA, which stems from UserExcelOut.asp failing to properly verify the correctness of user data. An attacker could use this vulnerability to hijack the cookie session token and execute client-side code. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements", sources: [ { db: "NVD", id: "CVE-2021-22676", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "CNVD", id: "CNVD-2021-59236", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "VULHUB", id: "VHN-381113", }, { db: "VULMON", id: "CVE-2021-22676", }, ], trust: 2.88, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "ICS CERT", id: "ICSA-21-217-04", trust: 3.2, }, { db: "NVD", id: "CVE-2021-22676", trust: 3.2, }, { db: "JVN", id: "JVNVU92588420", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2021-002265", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-59236", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.2656", trust: 0.6, }, { db: "CS-HELP", id: "SB2021080606", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202108-459", trust: 0.6, }, { db: "VULHUB", id: "VHN-381113", trust: 0.1, }, { db: "VULMON", id: "CVE-2021-22676", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-59236", }, { db: "VULHUB", id: "VHN-381113", }, { db: "VULMON", id: "CVE-2021-22676", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202108-459", }, { db: "NVD", id: "CVE-2021-22676", }, ], }, id: "VAR-202108-0262", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-59236", }, { db: "VULHUB", id: "VHN-381113", }, ], trust: 1.3586421999999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-59236", }, ], }, last_update_date: "2024-08-14T12:09:59.994000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "WebAccess/SCADA", trust: 0.8, url: "https://www.advantech.tw/support/details/installation?id=1-MS9MJV", }, { title: "Patch for Advantech WebAccess/SCADA Cross-Site Scripting Vulnerability (CNVD-2021-59236)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/284496", }, { title: "Advantech WebAccess/SCADA Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=158747", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-59236", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "CNNVD", id: "CNNVD-202108-459", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1.1, }, { problemtype: "Stack-based buffer overflow (CWE-121) [ Other ]", trust: 0.8, }, { problemtype: " Relative path traversal (CWE-23) [ Other ]", trust: 0.8, }, { problemtype: " Cross-site scripting (CWE-79) [ Other ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-381113", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "NVD", id: "CVE-2021-22676", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.8, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-217-04", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnvu92588420", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021080606", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.2656", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/79.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-59236", }, { db: "VULHUB", id: "VHN-381113", }, { db: "VULMON", id: "CVE-2021-22676", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202108-459", }, { db: "NVD", id: "CVE-2021-22676", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-59236", }, { db: "VULHUB", id: "VHN-381113", }, { db: "VULMON", id: "CVE-2021-22676", }, { db: "JVNDB", id: "JVNDB-2021-002265", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202108-459", }, { db: "NVD", id: "CVE-2021-22676", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-08-08T00:00:00", db: "CNVD", id: "CNVD-2021-59236", }, { date: "2021-08-10T00:00:00", db: "VULHUB", id: "VHN-381113", }, { date: "2021-08-10T00:00:00", db: "VULMON", id: "CVE-2021-22676", }, { date: "2021-08-10T00:00:00", db: "JVNDB", id: "JVNDB-2021-002265", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-08-05T00:00:00", db: "CNNVD", id: "CNNVD-202108-459", }, { date: "2021-08-10T15:15:07.457000", db: "NVD", id: "CVE-2021-22676", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-01-18T00:00:00", db: "CNVD", id: "CNVD-2021-59236", }, { date: "2021-08-17T00:00:00", db: "VULHUB", id: "VHN-381113", }, { date: "2021-08-17T00:00:00", db: "VULMON", id: "CVE-2021-22676", }, { date: "2021-08-10T06:49:00", db: "JVNDB", id: "JVNDB-2021-002265", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-08-18T00:00:00", db: "CNNVD", id: "CNNVD-202108-459", }, { date: "2021-08-17T19:39:57.183000", db: "NVD", id: "CVE-2021-22676", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202108-459", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech Made WebAccess/SCADA Multiple vulnerabilities in", sources: [ { db: "JVNDB", id: "JVNDB-2021-002265", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202104-975", }, ], trust: 0.6, }, }
var-202011-1535
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202011-1535", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58465", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2020-58465", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-58465", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58465", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has an arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.", sources: [ { db: "CNVD", id: "CNVD-2020-58465", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-58465", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58465", }, ], }, id: "VAR-202011-1535", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-58465", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58465", }, ], }, last_update_date: "2022-05-04T09:08:50.179000Z", sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-58465", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-11-28T00:00:00", db: "CNVD", id: "CNVD-2020-58465", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-25T00:00:00", db: "CNVD", id: "CNVD-2020-58465", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability (CNVD-2020-58465)", sources: [ { db: "CNVD", id: "CNVD-2020-58465", }, ], trust: 0.6, }, }
var-202008-1270
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has an information disclosure vulnerability. Attackers can use vulnerabilities to obtain remote connection passwords, background administrator passwords and other sensitive information.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1270", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48625", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2020-48625", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-48625", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48625", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has an information disclosure vulnerability. Attackers can use vulnerabilities to obtain remote connection passwords, background administrator passwords and other sensitive information.", sources: [ { db: "CNVD", id: "CNVD-2020-48625", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-48625", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48625", }, ], }, id: "VAR-202008-1270", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-48625", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48625", }, ], }, last_update_date: "2022-05-04T10:18:14.827000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess SCADA wshom control FileSystemObject class CopyFile member has information disclosure vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/225715", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48625", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-48625", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-28T00:00:00", db: "CNVD", id: "CNVD-2020-48625", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-27T00:00:00", db: "CNVD", id: "CNVD-2020-48625", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has an information disclosure vulnerability", sources: [ { db: "CNVD", id: "CNVD-2020-48625", }, ], trust: 0.6, }, }
var-201904-0181
Vulnerability from variot
Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow vulnerabilities, caused by a lack of proper validation of the length of user-supplied data, may allow remote code execution. Advantech WebAccess/SCADA Contains a buffer error vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within bwthinfl.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer overflow vulnerability exists in Advantech WebAccess/SCADA. This vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in execution to other associated memory locations. erroneous read and write operations
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess", scope: null, trust: 8.4, vendor: "advantech", version: null, }, { _id: null, model: "webaccess", scope: "lte", trust: 1, vendor: "advantech", version: "8.3.5", }, { _id: null, model: "webaccess", scope: "eq", trust: 0.8, vendor: "advantech", version: "8.3.5 and less", }, { _id: null, model: "webaccess/scada", scope: "lte", trust: 0.6, vendor: "advantech", version: "<=8.3.5", }, { _id: null, model: null, scope: "eq", trust: 0.2, vendor: "webaccess", version: "*", }, ], sources: [ { db: "IVD", id: "4d85a7a9-a091-4c59-84e6-73c8b6639498", }, { db: "ZDI", id: "ZDI-19-322", }, { db: "ZDI", id: "ZDI-19-311", }, { db: "ZDI", id: "ZDI-19-329", }, { db: "ZDI", id: "ZDI-19-325", }, { db: "ZDI", id: "ZDI-19-313", }, { db: "ZDI", id: "ZDI-19-328", }, { db: "ZDI", id: "ZDI-19-318", }, { db: "ZDI", id: "ZDI-19-321", }, { db: "ZDI", id: "ZDI-19-330", }, { db: "ZDI", id: "ZDI-19-315", }, { db: "ZDI", id: "ZDI-19-323", }, { db: "ZDI", id: "ZDI-19-327", }, { db: "CNVD", id: "CNVD-2019-08948", }, { db: "JVNDB", id: "JVNDB-2019-003121", }, { db: "NVD", id: "CVE-2019-6550", }, ], }, configurations: { _id: null, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-003121", }, ], }, credits: { _id: null, data: "Mat Powell of Trend Micro Zero Day Initiative", sources: [ { db: "ZDI", id: "ZDI-19-322", }, { db: "ZDI", id: "ZDI-19-311", }, { db: "ZDI", id: "ZDI-19-329", }, { db: "ZDI", id: "ZDI-19-325", }, { db: "ZDI", id: "ZDI-19-313", }, { db: "ZDI", id: "ZDI-19-328", }, { db: "ZDI", id: "ZDI-19-318", }, { db: "ZDI", id: "ZDI-19-330", }, { db: "ZDI", id: "ZDI-19-315", }, { db: "ZDI", id: "ZDI-19-323", }, { db: "ZDI", id: "ZDI-19-327", }, ], trust: 7.7, }, cve: "CVE-2019-6550", cvss: { _id: null, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2019-6550", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.9, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2019-08948", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "4d85a7a9-a091-4c59-84e6-73c8b6639498", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-157985", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-6550", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 8.4, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-6550", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-6550", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "ZDI", id: "CVE-2019-6550", trust: 8.4, value: "CRITICAL", }, { author: "nvd@nist.gov", id: "CVE-2019-6550", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2019-6550", trust: 0.8, value: "Critical", }, { author: "CNVD", id: "CNVD-2019-08948", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201904-089", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "4d85a7a9-a091-4c59-84e6-73c8b6639498", trust: 0.2, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-157985", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2019-6550", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "4d85a7a9-a091-4c59-84e6-73c8b6639498", }, { db: "ZDI", id: "ZDI-19-322", }, { db: "ZDI", id: "ZDI-19-311", }, { db: "ZDI", id: "ZDI-19-329", }, { db: "ZDI", id: "ZDI-19-325", }, { db: "ZDI", id: "ZDI-19-313", }, { db: "ZDI", id: "ZDI-19-328", }, { db: "ZDI", id: "ZDI-19-318", }, { db: "ZDI", id: "ZDI-19-321", }, { db: "ZDI", id: "ZDI-19-330", }, { db: "ZDI", id: "ZDI-19-315", }, { db: "ZDI", id: "ZDI-19-323", }, { db: "ZDI", id: "ZDI-19-327", }, { db: "CNVD", id: "CNVD-2019-08948", }, { db: "VULHUB", id: "VHN-157985", }, { db: "VULMON", id: "CVE-2019-6550", }, { db: "JVNDB", id: "JVNDB-2019-003121", }, { db: "CNNVD", id: "CNNVD-201904-089", }, { db: "NVD", id: "CVE-2019-6550", }, ], }, description: { _id: null, data: "Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow vulnerabilities, caused by a lack of proper validation of the length of user-supplied data, may allow remote code execution. Advantech WebAccess/SCADA Contains a buffer error vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within bwthinfl.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer overflow vulnerability exists in Advantech WebAccess/SCADA. This vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in execution to other associated memory locations. erroneous read and write operations", sources: [ { db: "NVD", id: "CVE-2019-6550", }, { db: "JVNDB", id: "JVNDB-2019-003121", }, { db: "ZDI", id: "ZDI-19-321", }, { db: "ZDI", id: "ZDI-19-327", }, { db: "ZDI", id: "ZDI-19-323", }, { db: "ZDI", id: "ZDI-19-315", }, { db: "ZDI", id: "ZDI-19-322", }, { db: "ZDI", id: "ZDI-19-330", }, { db: "ZDI", id: "ZDI-19-318", }, { db: "ZDI", id: "ZDI-19-328", }, { db: "ZDI", id: "ZDI-19-313", }, { db: "ZDI", id: "ZDI-19-325", }, { db: "ZDI", id: "ZDI-19-329", }, { db: "ZDI", id: "ZDI-19-311", }, { db: "CNVD", id: "CNVD-2019-08948", }, { db: "IVD", id: "4d85a7a9-a091-4c59-84e6-73c8b6639498", }, { db: "VULHUB", id: "VHN-157985", }, { db: "VULMON", id: "CVE-2019-6550", }, ], trust: 10.08, }, external_ids: { _id: null, data: [ { db: "NVD", id: "CVE-2019-6550", trust: 11.8, }, { db: "ICS CERT", id: "ICSA-19-092-01", trust: 3.2, }, { db: "ZDI", id: "ZDI-19-585", trust: 1.8, }, { db: "ZDI", id: "ZDI-19-330", trust: 1.3, }, { db: "CNNVD", id: "CNNVD-201904-089", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-08948", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-003121", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-7914", trust: 0.7, }, { db: "ZDI", id: "ZDI-19-322", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-7899", trust: 0.7, }, { db: "ZDI", id: "ZDI-19-311", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-7924", trust: 0.7, }, { db: "ZDI", id: "ZDI-19-329", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-7927", trust: 0.7, }, { db: "ZDI", id: "ZDI-19-325", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-7901", trust: 0.7, }, { db: "ZDI", id: "ZDI-19-313", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-7882", trust: 0.7, }, { db: "ZDI", id: "ZDI-19-328", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-7910", trust: 0.7, }, { db: "ZDI", id: "ZDI-19-318", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-7920", trust: 0.7, }, { db: "ZDI", id: "ZDI-19-321", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-7930", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-7903", trust: 0.7, }, { db: "ZDI", id: "ZDI-19-315", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-7925", trust: 0.7, }, { db: "ZDI", id: "ZDI-19-323", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-7881", trust: 0.7, }, { db: "ZDI", id: "ZDI-19-327", trust: 0.7, }, { db: "BID", id: "107675", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2019.1113", trust: 0.6, }, { db: "IVD", id: "4D85A7A9-A091-4C59-84E6-73C8B6639498", trust: 0.2, }, { db: "VULHUB", id: "VHN-157985", trust: 0.1, }, { db: "VULMON", id: "CVE-2019-6550", trust: 0.1, }, ], sources: [ { db: "IVD", id: "4d85a7a9-a091-4c59-84e6-73c8b6639498", }, { db: "ZDI", id: "ZDI-19-322", }, { db: "ZDI", id: "ZDI-19-311", }, { db: "ZDI", id: "ZDI-19-329", }, { db: "ZDI", id: "ZDI-19-325", }, { db: "ZDI", id: "ZDI-19-313", }, { db: "ZDI", id: "ZDI-19-328", }, { db: "ZDI", id: "ZDI-19-318", }, { db: "ZDI", id: "ZDI-19-321", }, { db: "ZDI", id: "ZDI-19-330", }, { db: "ZDI", id: "ZDI-19-315", }, { db: "ZDI", id: "ZDI-19-323", }, { db: "ZDI", id: "ZDI-19-327", }, { db: "CNVD", id: "CNVD-2019-08948", }, { db: "VULHUB", id: "VHN-157985", }, { db: "VULMON", id: "CVE-2019-6550", }, { db: "JVNDB", id: "JVNDB-2019-003121", }, { db: "CNNVD", id: "CNNVD-201904-089", }, { db: "NVD", id: "CVE-2019-6550", }, ], }, id: "VAR-201904-0181", iot: { _id: null, data: true, sources: [ { db: "IVD", id: "4d85a7a9-a091-4c59-84e6-73c8b6639498", }, { db: "CNVD", id: "CNVD-2019-08948", }, { db: "VULHUB", id: "VHN-157985", }, ], trust: 1.4466745799999998, }, iot_taxonomy: { _id: null, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "4d85a7a9-a091-4c59-84e6-73c8b6639498", }, { db: "CNVD", id: "CNVD-2019-08948", }, ], }, last_update_date: "2024-11-29T22:41:17.815000Z", patch: { _id: null, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 5.6, url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01", }, { title: "Advantech has issued an update to correct this vulnerability.", trust: 2.8, url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-091-01", }, { title: "Advantech WebAccess", trust: 0.8, url: "https://www.advantech.co.jp/industrial-automation/webaccess", }, { title: "Patch for Advantech WebAccess/SCADA Buffer Overflow Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/157945", }, { title: "Advantech WebAccess/SCADA Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91013", }, ], sources: [ { db: "ZDI", id: "ZDI-19-322", }, { db: "ZDI", id: "ZDI-19-311", }, { db: "ZDI", id: "ZDI-19-329", }, { db: "ZDI", id: "ZDI-19-325", }, { db: "ZDI", id: "ZDI-19-313", }, { db: "ZDI", id: "ZDI-19-328", }, { db: "ZDI", id: "ZDI-19-318", }, { db: "ZDI", id: "ZDI-19-321", }, { db: "ZDI", id: "ZDI-19-330", }, { db: "ZDI", id: "ZDI-19-315", }, { db: "ZDI", id: "ZDI-19-323", }, { db: "ZDI", id: "ZDI-19-327", }, { db: "CNVD", id: "CNVD-2019-08948", }, { db: "JVNDB", id: "JVNDB-2019-003121", }, { db: "CNNVD", id: "CNNVD-201904-089", }, ], }, problemtype_data: { _id: null, data: [ { problemtype: "CWE-787", trust: 1.1, }, { problemtype: "CWE-121", trust: 1, }, { problemtype: "CWE-119", trust: 0.9, }, ], sources: [ { db: "VULHUB", id: "VHN-157985", }, { db: "JVNDB", id: "JVNDB-2019-003121", }, { db: "NVD", id: "CVE-2019-6550", }, ], }, references: { _id: null, data: [ { trust: 8.9, url: "https://ics-cert.us-cert.gov/advisories/icsa-19-092-01", }, { trust: 2.8, url: "https://ics-cert.us-cert.gov/advisories/icsa-19-091-01", }, { trust: 1.8, url: "https://www.zerodayinitiative.com/advisories/zdi-19-585/", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-6550", }, { trust: 1.3, url: "http://www.securityfocus.com/bid/107675", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6550", }, { trust: 0.6, url: "https://support.advantech.com/support/downloadsrdetail_new.aspx?sr_id=1-ms9mjv&doc_source=download", }, { trust: 0.6, url: "https://www.advantech.com/", }, { trust: 0.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-330/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/78318", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/787.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "ZDI", id: "ZDI-19-322", }, { db: "ZDI", id: "ZDI-19-311", }, { db: "ZDI", id: "ZDI-19-329", }, { db: "ZDI", id: "ZDI-19-325", }, { db: "ZDI", id: "ZDI-19-313", }, { db: "ZDI", id: "ZDI-19-328", }, { db: "ZDI", id: "ZDI-19-318", }, { db: "ZDI", id: "ZDI-19-321", }, { db: "ZDI", id: "ZDI-19-330", }, { db: "ZDI", id: "ZDI-19-315", }, { db: "ZDI", id: "ZDI-19-323", }, { db: "ZDI", id: "ZDI-19-327", }, { db: "CNVD", id: "CNVD-2019-08948", }, { db: "VULHUB", id: "VHN-157985", }, { db: "VULMON", id: "CVE-2019-6550", }, { db: "JVNDB", id: "JVNDB-2019-003121", }, { db: "CNNVD", id: "CNNVD-201904-089", }, { db: "NVD", id: "CVE-2019-6550", }, ], }, sources: { _id: null, data: [ { db: "IVD", id: "4d85a7a9-a091-4c59-84e6-73c8b6639498", ident: null, }, { db: "ZDI", id: "ZDI-19-322", ident: null, }, { db: "ZDI", id: "ZDI-19-311", ident: null, }, { db: "ZDI", id: "ZDI-19-329", ident: null, }, { db: "ZDI", id: "ZDI-19-325", ident: null, }, { db: "ZDI", id: "ZDI-19-313", ident: null, }, { db: "ZDI", id: "ZDI-19-328", ident: null, }, { db: "ZDI", id: "ZDI-19-318", ident: null, }, { db: "ZDI", id: "ZDI-19-321", ident: null, }, { db: "ZDI", id: "ZDI-19-330", ident: null, }, { db: "ZDI", id: "ZDI-19-315", ident: null, }, { db: "ZDI", id: "ZDI-19-323", ident: null, }, { db: "ZDI", id: "ZDI-19-327", ident: null, }, { db: "CNVD", id: "CNVD-2019-08948", ident: null, }, { db: "VULHUB", id: "VHN-157985", ident: null, }, { db: "VULMON", id: "CVE-2019-6550", ident: null, }, { db: "JVNDB", id: "JVNDB-2019-003121", ident: null, }, { db: "CNNVD", id: "CNNVD-201904-089", ident: null, }, { db: "NVD", id: "CVE-2019-6550", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2019-04-03T00:00:00", db: "IVD", id: "4d85a7a9-a091-4c59-84e6-73c8b6639498", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-322", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-311", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-329", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-325", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-313", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-328", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-318", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-321", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-330", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-315", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-323", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-327", ident: null, }, { date: "2019-04-03T00:00:00", db: "CNVD", id: "CNVD-2019-08948", ident: null, }, { date: "2019-04-05T00:00:00", db: "VULHUB", id: "VHN-157985", ident: null, }, { date: "2019-04-05T00:00:00", db: "VULMON", id: "CVE-2019-6550", ident: null, }, { date: "2019-05-10T00:00:00", db: "JVNDB", id: "JVNDB-2019-003121", ident: null, }, { date: "2019-04-02T00:00:00", db: "CNNVD", id: "CNNVD-201904-089", ident: null, }, { date: "2019-04-05T19:29:00.310000", db: "NVD", id: "CVE-2019-6550", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-322", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-311", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-329", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-325", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-313", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-328", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-318", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-321", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-330", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-315", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-323", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-327", ident: null, }, { date: "2019-04-03T00:00:00", db: "CNVD", id: "CNVD-2019-08948", ident: null, }, { date: "2020-10-06T00:00:00", db: "VULHUB", id: "VHN-157985", ident: null, }, { date: "2020-10-06T00:00:00", db: "VULMON", id: "CVE-2019-6550", ident: null, }, { date: "2019-05-10T00:00:00", db: "JVNDB", id: "JVNDB-2019-003121", ident: null, }, { date: "2020-10-09T00:00:00", db: "CNNVD", id: "CNNVD-201904-089", ident: null, }, { date: "2024-11-21T04:46:40.660000", db: "NVD", id: "CVE-2019-6550", ident: null, }, ], }, threat_type: { _id: null, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201904-089", }, ], trust: 0.6, }, title: { _id: null, data: "Advantech WebAccess Node bwthinfl Stack-based Buffer Overflow Remote Code Execution Vulnerability", sources: [ { db: "ZDI", id: "ZDI-19-328", }, { db: "ZDI", id: "ZDI-19-321", }, ], trust: 1.4, }, type: { _id: null, data: "Buffer error", sources: [ { db: "IVD", id: "4d85a7a9-a091-4c59-84e6-73c8b6639498", }, { db: "CNNVD", id: "CNNVD-201904-089", }, ], trust: 0.8, }, }
var-201812-0480
Vulnerability from variot
WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows 2008 R2 SP1. Lack of proper validation of user supplied input may allow an attacker to cause the overflow of a buffer on the stack. WebAccess/SCADA Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment.
A buffer overflow vulnerability exists in Advantech WebAccess/SCADA version 8.3.2 based on the Windows 2008 R2 SP1 platform that could allow an attacker to execute arbitrary code or cause a denial of service in the context of an affected application. Advantech WebAccess/SCADA is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Failed exploit attempts will likely cause denial-of-service conditions. Advantech WebAccess/SCADA version 8.3.2 is vulnerable
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201812-0480", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 1.7, vendor: "advantech", version: "8.3.2", }, { model: "webaccess\\/scada", scope: "eq", trust: 1.6, vendor: "advantech", version: "8.3.2", }, { model: "webaccess/scada", scope: "ne", trust: 0.3, vendor: "advantech", version: "8.3.4", }, { model: null, scope: "eq", trust: 0.2, vendor: "webaccess scada", version: "8.3.2", }, ], sources: [ { db: "IVD", id: "7b46aec3-e0f9-4eae-beb8-00887207fb47", }, { db: "CNVD", id: "CNVD-2019-32478", }, { db: "BID", id: "106245", }, { db: "JVNDB", id: "JVNDB-2018-013453", }, { db: "CNNVD", id: "CNNVD-201812-789", }, { db: "NVD", id: "CVE-2018-18999", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess%2Fscada", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2018-013453", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Jacob Baines of Tenable Network Security", sources: [ { db: "BID", id: "106245", }, ], trust: 0.3, }, cve: "CVE-2018-18999", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2018-18999", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2019-32478", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "7b46aec3-e0f9-4eae-beb8-00887207fb47", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-129614", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", exploitabilityScore: 3.9, id: "CVE-2018-18999", impactScore: 3.4, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "Low", baseScore: 7.3, baseSeverity: "High", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2018-18999", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2018-18999", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2018-18999", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2019-32478", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201812-789", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "7b46aec3-e0f9-4eae-beb8-00887207fb47", trust: 0.2, value: "HIGH", }, { author: "VULHUB", id: "VHN-129614", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "7b46aec3-e0f9-4eae-beb8-00887207fb47", }, { db: "CNVD", id: "CNVD-2019-32478", }, { db: "VULHUB", id: "VHN-129614", }, { db: "JVNDB", id: "JVNDB-2018-013453", }, { db: "CNNVD", id: "CNNVD-201812-789", }, { db: "NVD", id: "CVE-2018-18999", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows 2008 R2 SP1. Lack of proper validation of user supplied input may allow an attacker to cause the overflow of a buffer on the stack. WebAccess/SCADA Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. \n\nA buffer overflow vulnerability exists in Advantech WebAccess/SCADA version 8.3.2 based on the Windows 2008 R2 SP1 platform that could allow an attacker to execute arbitrary code or cause a denial of service in the context of an affected application. Advantech WebAccess/SCADA is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Failed exploit attempts will likely cause denial-of-service conditions. \nAdvantech WebAccess/SCADA version 8.3.2 is vulnerable", sources: [ { db: "NVD", id: "CVE-2018-18999", }, { db: "JVNDB", id: "JVNDB-2018-013453", }, { db: "CNVD", id: "CNVD-2019-32478", }, { db: "BID", id: "106245", }, { db: "IVD", id: "7b46aec3-e0f9-4eae-beb8-00887207fb47", }, { db: "VULHUB", id: "VHN-129614", }, ], trust: 2.7, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2018-18999", trust: 3.6, }, { db: "ICS CERT", id: "ICSA-18-352-02", trust: 3.4, }, { db: "BID", id: "106245", trust: 2, }, { db: "TENABLE", id: "TRA-2018-45", trust: 1.7, }, { db: "CNNVD", id: "CNNVD-201812-789", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-32478", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2018-013453", trust: 0.8, }, { db: "IVD", id: "7B46AEC3-E0F9-4EAE-BEB8-00887207FB47", trust: 0.2, }, { db: "SEEBUG", id: "SSVID-97745", trust: 0.1, }, { db: "SEEBUG", id: "SSVID-98830", trust: 0.1, }, { db: "VULHUB", id: "VHN-129614", trust: 0.1, }, ], sources: [ { db: "IVD", id: "7b46aec3-e0f9-4eae-beb8-00887207fb47", }, { db: "CNVD", id: "CNVD-2019-32478", }, { db: "VULHUB", id: "VHN-129614", }, { db: "BID", id: "106245", }, { db: "JVNDB", id: "JVNDB-2018-013453", }, { db: "CNNVD", id: "CNNVD-201812-789", }, { db: "NVD", id: "CVE-2018-18999", }, ], }, id: "VAR-201812-0480", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "7b46aec3-e0f9-4eae-beb8-00887207fb47", }, { db: "CNVD", id: "CNVD-2019-32478", }, { db: "VULHUB", id: "VHN-129614", }, ], trust: 1.5586422, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "7b46aec3-e0f9-4eae-beb8-00887207fb47", }, { db: "CNVD", id: "CNVD-2019-32478", }, ], }, last_update_date: "2024-11-23T22:58:48.600000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "WebAccess/SCADA", trust: 0.8, url: "https://www.advantech.com/industrial-automation/webaccess/webaccessscada", }, { title: "Patch for Advantech WebAccess/SCADA Buffer Overflow Vulnerability (CNVD-2019-32478)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/181475", }, { title: "Advantech WebAccess/SCADA Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=87986", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-32478", }, { db: "JVNDB", id: "JVNDB-2018-013453", }, { db: "CNNVD", id: "CNNVD-201812-789", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1.9, }, { problemtype: "CWE-787", trust: 1.1, }, ], sources: [ { db: "VULHUB", id: "VHN-129614", }, { db: "JVNDB", id: "JVNDB-2018-013453", }, { db: "NVD", id: "CVE-2018-18999", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.4, url: "https://ics-cert.us-cert.gov/advisories/icsa-18-352-02", }, { trust: 1.7, url: "http://www.securityfocus.com/bid/106245", }, { trust: 1.7, url: "https://www.tenable.com/security/research/tra-2018-45", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-18999", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2018-18999", }, { trust: 0.3, url: "http://www.advantech.in/", }, { trust: 0.3, url: "http://www.advantech.com/industrial-automation/webaccess/webaccessscada", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-32478", }, { db: "VULHUB", id: "VHN-129614", }, { db: "BID", id: "106245", }, { db: "JVNDB", id: "JVNDB-2018-013453", }, { db: "CNNVD", id: "CNNVD-201812-789", }, { db: "NVD", id: "CVE-2018-18999", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "7b46aec3-e0f9-4eae-beb8-00887207fb47", }, { db: "CNVD", id: "CNVD-2019-32478", }, { db: "VULHUB", id: "VHN-129614", }, { db: "BID", id: "106245", }, { db: "JVNDB", id: "JVNDB-2018-013453", }, { db: "CNNVD", id: "CNNVD-201812-789", }, { db: "NVD", id: "CVE-2018-18999", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-09-21T00:00:00", db: "IVD", id: "7b46aec3-e0f9-4eae-beb8-00887207fb47", }, { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32478", }, { date: "2018-12-19T00:00:00", db: "VULHUB", id: "VHN-129614", }, { date: "2018-12-18T00:00:00", db: "BID", id: "106245", }, { date: "2019-02-21T00:00:00", db: "JVNDB", id: "JVNDB-2018-013453", }, { date: "2018-12-19T00:00:00", db: "CNNVD", id: "CNNVD-201812-789", }, { date: "2018-12-19T18:29:00.203000", db: "NVD", id: "CVE-2018-18999", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-11-07T00:00:00", db: "CNVD", id: "CNVD-2019-32478", }, { date: "2020-09-18T00:00:00", db: "VULHUB", id: "VHN-129614", }, { date: "2018-12-18T00:00:00", db: "BID", id: "106245", }, { date: "2019-02-21T00:00:00", db: "JVNDB", id: "JVNDB-2018-013453", }, { date: "2020-09-21T00:00:00", db: "CNNVD", id: "CNNVD-201812-789", }, { date: "2024-11-21T03:57:00.923000", db: "NVD", id: "CVE-2018-18999", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201812-789", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "WebAccess/SCADA Input validation vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2018-013453", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-201812-789", }, ], trust: 0.6, }, }
var-202005-1239
Vulnerability from variot
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of IOCTL 0x5217 in datacore.exe. The issue results from the lack of proper validation of user-supplied data, which can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202005-1239", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: null, trust: 0.7, vendor: "advantech", version: null, }, ], sources: [ { db: "ZDI", id: "ZDI-20-629", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Z0mb1E", sources: [ { db: "ZDI", id: "ZDI-20-629", }, ], trust: 0.7, }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "ZDI-20-629", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 0.7, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "ZDI", id: "ZDI-20-629", trust: 0.7, value: "CRITICAL", }, ], }, ], sources: [ { db: "ZDI", id: "ZDI-20-629", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of IOCTL 0x5217 in datacore.exe. The issue results from the lack of proper validation of user-supplied data, which can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.", sources: [ { db: "ZDI", id: "ZDI-20-629", }, ], trust: 0.7, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "ZDI_CAN", id: "ZDI-CAN-9940", trust: 0.7, }, { db: "ZDI", id: "ZDI-20-629", trust: 0.7, }, ], sources: [ { db: "ZDI", id: "ZDI-20-629", }, ], }, id: "VAR-202005-1239", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.6405517, }, last_update_date: "2022-05-17T02:01:01.019000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, ], sources: [ { db: "ZDI", id: "ZDI-20-629", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, ], sources: [ { db: "ZDI", id: "ZDI-20-629", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "ZDI", id: "ZDI-20-629", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-629", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-629", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA DATACORE IOCTL 0x5217 Heap-based Buffer Overflow Remote Code Execution Vulnerability", sources: [ { db: "ZDI", id: "ZDI-20-629", }, ], trust: 0.7, }, }
var-202005-0338
Vulnerability from variot
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data. Advantech WebAccess Node Exists in an out-of-bounds read vulnerability.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x00002722 in ViewSrv.dll. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess", scope: "eq", trust: 1.9, vendor: "advantech", version: "9.0.0", }, { _id: null, model: "webaccess/scada", scope: null, trust: 1.4, vendor: "advantech", version: null, }, { _id: null, model: "webaccess", scope: "lte", trust: 1, vendor: "advantech", version: "8.4.4", }, { _id: null, model: "webaccess", scope: "eq", trust: 0.9, vendor: "advantech", version: "8.4.4", }, { _id: null, model: "webaccess node", scope: "gte", trust: 0.6, vendor: "advantech", version: "8.4.4", }, { _id: null, model: "webaccess node", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, { _id: null, model: null, scope: "eq", trust: 0.4, vendor: "webaccess", version: "*", }, { _id: null, model: null, scope: "eq", trust: 0.4, vendor: "webaccess", version: "9.0.0", }, ], sources: [ { db: "IVD", id: "0c0a4c5a-b413-4eb0-98c1-1acc2309ca38", }, { db: "IVD", id: "2cd25065-fdf0-47db-8723-f8fa644ff39f", }, { db: "ZDI", id: "ZDI-20-628", }, { db: "ZDI", id: "ZDI-20-630", }, { db: "CNVD", id: "CNVD-2020-29738", }, { db: "VULMON", id: "CVE-2020-12018", }, { db: "JVNDB", id: "JVNDB-2020-005145", }, { db: "NVD", id: "CVE-2020-12018", }, ], }, configurations: { _id: null, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-005145", }, ], }, credits: { _id: null, data: "Z0mb1E", sources: [ { db: "ZDI", id: "ZDI-20-628", }, { db: "ZDI", id: "ZDI-20-630", }, ], trust: 1.4, }, cve: "CVE-2020-12018", cvss: { _id: null, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2020-12018", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "JVNDB-2020-005145", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2020-29738", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "0c0a4c5a-b413-4eb0-98c1-1acc2309ca38", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "2cd25065-fdf0-47db-8723-f8fa644ff39f", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-164654", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2020-12018", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.4, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2020-12018", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-005145", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, ], severity: [ { author: "ZDI", id: "CVE-2020-12018", trust: 1.4, value: "HIGH", }, { author: "nvd@nist.gov", id: "CVE-2020-12018", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-005145", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-29738", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202005-292", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "0c0a4c5a-b413-4eb0-98c1-1acc2309ca38", trust: 0.2, value: "HIGH", }, { author: "IVD", id: "2cd25065-fdf0-47db-8723-f8fa644ff39f", trust: 0.2, value: "HIGH", }, { author: "VULHUB", id: "VHN-164654", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2020-12018", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "0c0a4c5a-b413-4eb0-98c1-1acc2309ca38", }, { db: "IVD", id: "2cd25065-fdf0-47db-8723-f8fa644ff39f", }, { db: "ZDI", id: "ZDI-20-628", }, { db: "ZDI", id: "ZDI-20-630", }, { db: "CNVD", id: "CNVD-2020-29738", }, { db: "VULHUB", id: "VHN-164654", }, { db: "VULMON", id: "CVE-2020-12018", }, { db: "JVNDB", id: "JVNDB-2020-005145", }, { db: "CNNVD", id: "CNNVD-202005-292", }, { db: "NVD", id: "CVE-2020-12018", }, ], }, description: { _id: null, data: "Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data. Advantech WebAccess Node Exists in an out-of-bounds read vulnerability.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x00002722 in ViewSrv.dll. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required", sources: [ { db: "NVD", id: "CVE-2020-12018", }, { db: "JVNDB", id: "JVNDB-2020-005145", }, { db: "ZDI", id: "ZDI-20-628", }, { db: "ZDI", id: "ZDI-20-630", }, { db: "CNVD", id: "CNVD-2020-29738", }, { db: "IVD", id: "0c0a4c5a-b413-4eb0-98c1-1acc2309ca38", }, { db: "IVD", id: "2cd25065-fdf0-47db-8723-f8fa644ff39f", }, { db: "VULHUB", id: "VHN-164654", }, { db: "VULMON", id: "CVE-2020-12018", }, ], trust: 3.96, }, external_ids: { _id: null, data: [ { db: "NVD", id: "CVE-2020-12018", trust: 5, }, { db: "ICS CERT", id: "ICSA-20-128-01", trust: 3.2, }, { db: "ZDI", id: "ZDI-20-628", trust: 2.5, }, { db: "ZDI", id: "ZDI-20-630", trust: 1.4, }, { db: "CNVD", id: "CNVD-2020-29738", trust: 1.1, }, { db: "CNNVD", id: "CNNVD-202005-292", trust: 1.1, }, { db: "JVN", id: "JVNVU93292753", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2020-005145", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-9903", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9896", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2020.1646", trust: 0.6, }, { db: "NSFOCUS", id: "47308", trust: 0.6, }, { db: "IVD", id: "0C0A4C5A-B413-4EB0-98C1-1ACC2309CA38", trust: 0.2, }, { db: "IVD", id: "2CD25065-FDF0-47DB-8723-F8FA644FF39F", trust: 0.2, }, { db: "VULHUB", id: "VHN-164654", trust: 0.1, }, { db: "VULMON", id: "CVE-2020-12018", trust: 0.1, }, ], sources: [ { db: "IVD", id: "0c0a4c5a-b413-4eb0-98c1-1acc2309ca38", }, { db: "IVD", id: "2cd25065-fdf0-47db-8723-f8fa644ff39f", }, { db: "ZDI", id: "ZDI-20-628", }, { db: "ZDI", id: "ZDI-20-630", }, { db: "CNVD", id: "CNVD-2020-29738", }, { db: "VULHUB", id: "VHN-164654", }, { db: "VULMON", id: "CVE-2020-12018", }, { db: "JVNDB", id: "JVNDB-2020-005145", }, { db: "CNNVD", id: "CNNVD-202005-292", }, { db: "NVD", id: "CVE-2020-12018", }, ], }, id: "VAR-202005-0338", iot: { _id: null, data: true, sources: [ { db: "IVD", id: "0c0a4c5a-b413-4eb0-98c1-1acc2309ca38", }, { db: "IVD", id: "2cd25065-fdf0-47db-8723-f8fa644ff39f", }, { db: "CNVD", id: "CNVD-2020-29738", }, { db: "VULHUB", id: "VHN-164654", }, ], trust: 1.679503486666667, }, iot_taxonomy: { _id: null, data: [ { category: [ "ICS", ], sub_category: null, trust: 1, }, ], sources: [ { db: "IVD", id: "0c0a4c5a-b413-4eb0-98c1-1acc2309ca38", }, { db: "IVD", id: "2cd25065-fdf0-47db-8723-f8fa644ff39f", }, { db: "CNVD", id: "CNVD-2020-29738", }, ], }, last_update_date: "2024-11-23T21:59:18.487000Z", patch: { _id: null, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, { title: "Top Page", trust: 0.8, url: "https://www.advantech.com/", }, { title: "Patch for Advantech WebAccess Node out-of-bounds reading vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/218843", }, ], sources: [ { db: "ZDI", id: "ZDI-20-628", }, { db: "ZDI", id: "ZDI-20-630", }, { db: "CNVD", id: "CNVD-2020-29738", }, { db: "JVNDB", id: "JVNDB-2020-005145", }, ], }, problemtype_data: { _id: null, data: [ { problemtype: "CWE-125", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-164654", }, { db: "JVNDB", id: "JVNDB-2020-005145", }, { db: "NVD", id: "CVE-2020-12018", }, ], }, references: { _id: null, data: [ { trust: 3.8, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-01", }, { trust: 1.8, url: "https://www.zerodayinitiative.com/advisories/zdi-20-628/", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-12018", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12018", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu93292753/", }, { trust: 0.7, url: "https://www.zerodayinitiative.com/advisories/zdi-20-630/", }, { trust: 0.6, url: "http://www.nsfocus.net/vulndb/47308", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.1646/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/125.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/181601", }, ], sources: [ { db: "ZDI", id: "ZDI-20-628", }, { db: "ZDI", id: "ZDI-20-630", }, { db: "CNVD", id: "CNVD-2020-29738", }, { db: "VULHUB", id: "VHN-164654", }, { db: "VULMON", id: "CVE-2020-12018", }, { db: "JVNDB", id: "JVNDB-2020-005145", }, { db: "CNNVD", id: "CNNVD-202005-292", }, { db: "NVD", id: "CVE-2020-12018", }, ], }, sources: { _id: null, data: [ { db: "IVD", id: "0c0a4c5a-b413-4eb0-98c1-1acc2309ca38", ident: null, }, { db: "IVD", id: "2cd25065-fdf0-47db-8723-f8fa644ff39f", ident: null, }, { db: "ZDI", id: "ZDI-20-628", ident: null, }, { db: "ZDI", id: "ZDI-20-630", ident: null, }, { db: "CNVD", id: "CNVD-2020-29738", ident: null, }, { db: "VULHUB", id: "VHN-164654", ident: null, }, { db: "VULMON", id: "CVE-2020-12018", ident: null, }, { db: "JVNDB", id: "JVNDB-2020-005145", ident: null, }, { db: "CNNVD", id: "CNNVD-202005-292", ident: null, }, { db: "NVD", id: "CVE-2020-12018", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2020-05-07T00:00:00", db: "IVD", id: "0c0a4c5a-b413-4eb0-98c1-1acc2309ca38", ident: null, }, { date: "2020-05-07T00:00:00", db: "IVD", id: "2cd25065-fdf0-47db-8723-f8fa644ff39f", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-628", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-630", ident: null, }, { date: "2020-05-25T00:00:00", db: "CNVD", id: "CNVD-2020-29738", ident: null, }, { date: "2020-05-08T00:00:00", db: "VULHUB", id: "VHN-164654", ident: null, }, { date: "2020-05-08T00:00:00", db: "VULMON", id: "CVE-2020-12018", ident: null, }, { date: "2020-06-08T00:00:00", db: "JVNDB", id: "JVNDB-2020-005145", ident: null, }, { date: "2020-05-07T00:00:00", db: "CNNVD", id: "CNNVD-202005-292", ident: null, }, { date: "2020-05-08T12:15:11.317000", db: "NVD", id: "CVE-2020-12018", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-628", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-630", ident: null, }, { date: "2020-05-25T00:00:00", db: "CNVD", id: "CNVD-2020-29738", ident: null, }, { date: "2020-05-11T00:00:00", db: "VULHUB", id: "VHN-164654", ident: null, }, { date: "2020-05-11T00:00:00", db: "VULMON", id: "CVE-2020-12018", ident: null, }, { date: "2020-06-08T00:00:00", db: "JVNDB", id: "JVNDB-2020-005145", ident: null, }, { date: "2021-01-04T00:00:00", db: "CNNVD", id: "CNNVD-202005-292", ident: null, }, { date: "2024-11-21T04:59:07.480000", db: "NVD", id: "CVE-2020-12018", ident: null, }, ], }, threat_type: { _id: null, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202005-292", }, ], trust: 0.6, }, title: { _id: null, data: "Advantech WebAccess Node Out-of-bounds read vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2020-005145", }, ], trust: 0.8, }, type: { _id: null, data: "Buffer error", sources: [ { db: "IVD", id: "0c0a4c5a-b413-4eb0-98c1-1acc2309ca38", }, { db: "IVD", id: "2cd25065-fdf0-47db-8723-f8fa644ff39f", }, { db: "CNNVD", id: "CNNVD-202005-292", }, ], trust: 1, }, }
var-202006-1911
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Chinese company Advantech (Advantech).
Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability, which can be exploited by an attacker to delete arbitrary files on the server.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1911", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29406", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2020-29406", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-29406", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29406", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Chinese company Advantech (Advantech).\n\r\n\r\nAdvantech WebAccess/SCADA has an arbitrary file deletion vulnerability, which can be exploited by an attacker to delete arbitrary files on the server.", sources: [ { db: "CNVD", id: "CNVD-2020-29406", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-29406", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29406", }, ], }, id: "VAR-202006-1911", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-29406", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29406", }, ], }, last_update_date: "2022-05-04T09:21:49.544000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess SCADA BwDlgpUp file has arbitrary file deletion vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/216129", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29406", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-29406", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-11T00:00:00", db: "CNVD", id: "CNVD-2020-29406", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-28T00:00:00", db: "CNVD", id: "CNVD-2020-29406", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has arbitrary file deletion vulnerability", sources: [ { db: "CNVD", id: "CNVD-2020-29406", }, ], trust: 0.6, }, }
var-202005-0311
Vulnerability from variot
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An improper validation vulnerability exists that could allow an attacker to inject specially crafted input into memory where it can be executed. Advantech WebAccess Node Exists in a past traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x0000521e in DATACORE.exe. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess", scope: "eq", trust: 1.9, vendor: "advantech", version: "9.0.0", }, { _id: null, model: "webaccess", scope: "lte", trust: 1, vendor: "advantech", version: "8.4.4", }, { _id: null, model: "webaccess", scope: "eq", trust: 0.9, vendor: "advantech", version: "8.4.4", }, { _id: null, model: "webaccess/scada", scope: null, trust: 0.7, vendor: "advantech", version: null, }, { _id: null, model: "webaccess node", scope: "gte", trust: 0.6, vendor: "advantech", version: "8.4.4", }, { _id: null, model: "webaccess node", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, { _id: null, model: null, scope: "eq", trust: 0.4, vendor: "webaccess", version: "*", }, { _id: null, model: null, scope: "eq", trust: 0.4, vendor: "webaccess", version: "9.0.0", }, ], sources: [ { db: "IVD", id: "6265122d-0d35-44b3-85ea-0c5f7b711a0d", }, { db: "IVD", id: "19380447-9612-4180-8a2e-efbd7ba08404", }, { db: "ZDI", id: "ZDI-20-598", }, { db: "CNVD", id: "CNVD-2020-27432", }, { db: "VULMON", id: "CVE-2020-12022", }, { db: "JVNDB", id: "JVNDB-2020-005146", }, { db: "NVD", id: "CVE-2020-12022", }, ], }, configurations: { _id: null, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-005146", }, ], }, credits: { _id: null, data: "Z0mb1E", sources: [ { db: "ZDI", id: "ZDI-20-598", }, ], trust: 0.7, }, cve: "CVE-2020-12022", cvss: { _id: null, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2020-12022", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "JVNDB-2020-005146", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2020-27432", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "6265122d-0d35-44b3-85ea-0c5f7b711a0d", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "19380447-9612-4180-8a2e-efbd7ba08404", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-164659", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2020-12022", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-005146", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2020-12022", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 0.7, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-12022", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "JVNDB-2020-005146", trust: 0.8, value: "Critical", }, { author: "ZDI", id: "CVE-2020-12022", trust: 0.7, value: "CRITICAL", }, { author: "CNVD", id: "CNVD-2020-27432", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202005-313", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "6265122d-0d35-44b3-85ea-0c5f7b711a0d", trust: 0.2, value: "HIGH", }, { author: "IVD", id: "19380447-9612-4180-8a2e-efbd7ba08404", trust: 0.2, value: "HIGH", }, { author: "VULHUB", id: "VHN-164659", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2020-12022", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "6265122d-0d35-44b3-85ea-0c5f7b711a0d", }, { db: "IVD", id: "19380447-9612-4180-8a2e-efbd7ba08404", }, { db: "ZDI", id: "ZDI-20-598", }, { db: "CNVD", id: "CNVD-2020-27432", }, { db: "VULHUB", id: "VHN-164659", }, { db: "VULMON", id: "CVE-2020-12022", }, { db: "JVNDB", id: "JVNDB-2020-005146", }, { db: "CNNVD", id: "CNNVD-202005-313", }, { db: "NVD", id: "CVE-2020-12022", }, ], }, description: { _id: null, data: "Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An improper validation vulnerability exists that could allow an attacker to inject specially crafted input into memory where it can be executed. Advantech WebAccess Node Exists in a past traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x0000521e in DATACORE.exe. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required", sources: [ { db: "NVD", id: "CVE-2020-12022", }, { db: "JVNDB", id: "JVNDB-2020-005146", }, { db: "ZDI", id: "ZDI-20-598", }, { db: "CNVD", id: "CNVD-2020-27432", }, { db: "IVD", id: "6265122d-0d35-44b3-85ea-0c5f7b711a0d", }, { db: "IVD", id: "19380447-9612-4180-8a2e-efbd7ba08404", }, { db: "VULHUB", id: "VHN-164659", }, { db: "VULMON", id: "CVE-2020-12022", }, ], trust: 3.33, }, external_ids: { _id: null, data: [ { db: "NVD", id: "CVE-2020-12022", trust: 4.3, }, { db: "ICS CERT", id: "ICSA-20-128-01", trust: 3.2, }, { db: "ZDI", id: "ZDI-20-598", trust: 2.5, }, { db: "CNVD", id: "CNVD-2020-27432", trust: 1.1, }, { db: "CNNVD", id: "CNNVD-202005-313", trust: 1.1, }, { db: "JVN", id: "JVNVU93292753", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2020-005146", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-9988", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2020.1646", trust: 0.6, }, { db: "NSFOCUS", id: "47693", trust: 0.6, }, { db: "IVD", id: "6265122D-0D35-44B3-85EA-0C5F7B711A0D", trust: 0.2, }, { db: "IVD", id: "19380447-9612-4180-8A2E-EFBD7BA08404", trust: 0.2, }, { db: "VULHUB", id: "VHN-164659", trust: 0.1, }, { db: "VULMON", id: "CVE-2020-12022", trust: 0.1, }, ], sources: [ { db: "IVD", id: "6265122d-0d35-44b3-85ea-0c5f7b711a0d", }, { db: "IVD", id: "19380447-9612-4180-8a2e-efbd7ba08404", }, { db: "ZDI", id: "ZDI-20-598", }, { db: "CNVD", id: "CNVD-2020-27432", }, { db: "VULHUB", id: "VHN-164659", }, { db: "VULMON", id: "CVE-2020-12022", }, { db: "JVNDB", id: "JVNDB-2020-005146", }, { db: "CNNVD", id: "CNNVD-202005-313", }, { db: "NVD", id: "CVE-2020-12022", }, ], }, id: "VAR-202005-0311", iot: { _id: null, data: true, sources: [ { db: "IVD", id: "6265122d-0d35-44b3-85ea-0c5f7b711a0d", }, { db: "IVD", id: "19380447-9612-4180-8a2e-efbd7ba08404", }, { db: "CNVD", id: "CNVD-2020-27432", }, { db: "VULHUB", id: "VHN-164659", }, ], trust: 1.679503486666667, }, iot_taxonomy: { _id: null, data: [ { category: [ "ICS", ], sub_category: null, trust: 1, }, ], sources: [ { db: "IVD", id: "6265122d-0d35-44b3-85ea-0c5f7b711a0d", }, { db: "IVD", id: "19380447-9612-4180-8a2e-efbd7ba08404", }, { db: "CNVD", id: "CNVD-2020-27432", }, ], }, last_update_date: "2024-11-23T21:59:18.540000Z", patch: { _id: null, data: [ { title: "Top Page", trust: 0.8, url: "https://www.advantech.com/", }, { title: "Advantech has issued an update to correct this vulnerability.", trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, { title: "Patch for Advantech WebAccess Node input validation error vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/218857", }, { title: "Advantech WebAccess Node Enter the fix for the verification error vulnerability", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=118220", }, ], sources: [ { db: "ZDI", id: "ZDI-20-598", }, { db: "CNVD", id: "CNVD-2020-27432", }, { db: "JVNDB", id: "JVNDB-2020-005146", }, { db: "CNNVD", id: "CNNVD-202005-313", }, ], }, problemtype_data: { _id: null, data: [ { problemtype: "CWE-129", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-164659", }, { db: "JVNDB", id: "JVNDB-2020-005146", }, { db: "NVD", id: "CVE-2020-12022", }, ], }, references: { _id: null, data: [ { trust: 3.2, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-01", }, { trust: 1.8, url: "https://www.zerodayinitiative.com/advisories/zdi-20-598/", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-12022", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12022", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu93292753/", }, { trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.1646/", }, { trust: 0.6, url: "http://www.nsfocus.net/vulndb/47693", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/129.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/181602", }, ], sources: [ { db: "ZDI", id: "ZDI-20-598", }, { db: "CNVD", id: "CNVD-2020-27432", }, { db: "VULHUB", id: "VHN-164659", }, { db: "VULMON", id: "CVE-2020-12022", }, { db: "JVNDB", id: "JVNDB-2020-005146", }, { db: "CNNVD", id: "CNNVD-202005-313", }, { db: "NVD", id: "CVE-2020-12022", }, ], }, sources: { _id: null, data: [ { db: "IVD", id: "6265122d-0d35-44b3-85ea-0c5f7b711a0d", ident: null, }, { db: "IVD", id: "19380447-9612-4180-8a2e-efbd7ba08404", ident: null, }, { db: "ZDI", id: "ZDI-20-598", ident: null, }, { db: "CNVD", id: "CNVD-2020-27432", ident: null, }, { db: "VULHUB", id: "VHN-164659", ident: null, }, { db: "VULMON", id: "CVE-2020-12022", ident: null, }, { db: "JVNDB", id: "JVNDB-2020-005146", ident: null, }, { db: "CNNVD", id: "CNNVD-202005-313", ident: null, }, { db: "NVD", id: "CVE-2020-12022", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2020-05-07T00:00:00", db: "IVD", id: "6265122d-0d35-44b3-85ea-0c5f7b711a0d", ident: null, }, { date: "2020-05-07T00:00:00", db: "IVD", id: "19380447-9612-4180-8a2e-efbd7ba08404", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-598", ident: null, }, { date: "2020-05-09T00:00:00", db: "CNVD", id: "CNVD-2020-27432", ident: null, }, { date: "2020-05-08T00:00:00", db: "VULHUB", id: "VHN-164659", ident: null, }, { date: "2020-05-08T00:00:00", db: "VULMON", id: "CVE-2020-12022", ident: null, }, { date: "2020-06-08T00:00:00", db: "JVNDB", id: "JVNDB-2020-005146", ident: null, }, { date: "2020-05-07T00:00:00", db: "CNNVD", id: "CNNVD-202005-313", ident: null, }, { date: "2020-05-08T12:15:11.363000", db: "NVD", id: "CVE-2020-12022", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-598", ident: null, }, { date: "2020-05-25T00:00:00", db: "CNVD", id: "CNVD-2020-27432", ident: null, }, { date: "2020-05-11T00:00:00", db: "VULHUB", id: "VHN-164659", ident: null, }, { date: "2020-05-11T00:00:00", db: "VULMON", id: "CVE-2020-12022", ident: null, }, { date: "2020-06-08T00:00:00", db: "JVNDB", id: "JVNDB-2020-005146", ident: null, }, { date: "2020-12-31T00:00:00", db: "CNNVD", id: "CNNVD-202005-313", ident: null, }, { date: "2024-11-21T04:59:07.913000", db: "NVD", id: "CVE-2020-12022", ident: null, }, ], }, threat_type: { _id: null, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202005-313", }, ], trust: 0.6, }, title: { _id: null, data: "Advantech WebAccess Node Input validation error vulnerability", sources: [ { db: "IVD", id: "6265122d-0d35-44b3-85ea-0c5f7b711a0d", }, { db: "IVD", id: "19380447-9612-4180-8a2e-efbd7ba08404", }, { db: "CNVD", id: "CNVD-2020-27432", }, { db: "CNNVD", id: "CNNVD-202005-313", }, ], trust: 1.6, }, type: { _id: null, data: "Input validation error", sources: [ { db: "IVD", id: "6265122d-0d35-44b3-85ea-0c5f7b711a0d", }, { db: "IVD", id: "19380447-9612-4180-8a2e-efbd7ba08404", }, { db: "CNNVD", id: "CNNVD-202005-313", }, ], trust: 1, }, }
var-201904-0184
Vulnerability from variot
Advantech WebAccess/SCADA, Versions 8.3.5 and prior. An improper access control vulnerability may allow an attacker to cause a denial-of-service condition. Advantech WebAccess/SCADA Contains an access control vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability.The specific flaw exists within UninstallWA.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following vulnerabilities: 1. Multiple command-injection vulnerabilities 2. A denial-of-service vulnerability 3. Multiple stack-based buffer-overflow vulnerabilities An attacker can exploit these issues to inject and execute arbitrary commands in the context of the application. Failed exploit attempts will result in denial-of-service conditions
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess", scope: "lte", trust: 1, vendor: "advantech", version: "8.3.5", }, { _id: null, model: "webaccess", scope: "eq", trust: 0.8, vendor: "advantech", version: "8.3.5 and less", }, { _id: null, model: "webaccess", scope: null, trust: 0.7, vendor: "advantech", version: null, }, { _id: null, model: "webaccess/scada", scope: "lte", trust: 0.6, vendor: "advantech", version: "<=8.3.5", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.5", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.4", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.2", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3", }, { _id: null, model: "webaccess/scada", scope: "ne", trust: 0.3, vendor: "advantech", version: "8.4", }, { _id: null, model: null, scope: "eq", trust: 0.2, vendor: "webaccess", version: "*", }, ], sources: [ { db: "IVD", id: "6a9bb3f5-e6be-4dc2-9d2b-57459a62bf8c", }, { db: "ZDI", id: "ZDI-19-331", }, { db: "CNVD", id: "CNVD-2019-08947", }, { db: "BID", id: "107675", }, { db: "JVNDB", id: "JVNDB-2019-003119", }, { db: "NVD", id: "CVE-2019-6554", }, ], }, configurations: { _id: null, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-003119", }, ], }, credits: { _id: null, data: "Mat Powell of Trend Micro Zero Day Initiative", sources: [ { db: "ZDI", id: "ZDI-19-331", }, ], trust: 0.7, }, cve: "CVE-2019-6554", cvss: { _id: null, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2019-6554", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.1, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CNVD-2019-08947", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:C", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 7.1, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "6a9bb3f5-e6be-4dc2-9d2b-57459a62bf8c", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:C", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "VHN-157989", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2019-6554", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2019-6554", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2019-6554", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 0.7, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-6554", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2019-6554", trust: 0.8, value: "High", }, { author: "ZDI", id: "CVE-2019-6554", trust: 0.7, value: "HIGH", }, { author: "CNVD", id: "CNVD-2019-08947", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201904-094", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "6a9bb3f5-e6be-4dc2-9d2b-57459a62bf8c", trust: 0.2, value: "HIGH", }, { author: "VULHUB", id: "VHN-157989", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "6a9bb3f5-e6be-4dc2-9d2b-57459a62bf8c", }, { db: "ZDI", id: "ZDI-19-331", }, { db: "CNVD", id: "CNVD-2019-08947", }, { db: "VULHUB", id: "VHN-157989", }, { db: "JVNDB", id: "JVNDB-2019-003119", }, { db: "CNNVD", id: "CNNVD-201904-094", }, { db: "NVD", id: "CVE-2019-6554", }, ], }, description: { _id: null, data: "Advantech WebAccess/SCADA, Versions 8.3.5 and prior. An improper access control vulnerability may allow an attacker to cause a denial-of-service condition. Advantech WebAccess/SCADA Contains an access control vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability.The specific flaw exists within UninstallWA.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following vulnerabilities:\n1. Multiple command-injection vulnerabilities\n2. A denial-of-service vulnerability\n3. Multiple stack-based buffer-overflow vulnerabilities\nAn attacker can exploit these issues to inject and execute arbitrary commands in the context of the application. Failed exploit attempts will result in denial-of-service conditions", sources: [ { db: "NVD", id: "CVE-2019-6554", }, { db: "JVNDB", id: "JVNDB-2019-003119", }, { db: "ZDI", id: "ZDI-19-331", }, { db: "CNVD", id: "CNVD-2019-08947", }, { db: "BID", id: "107675", }, { db: "IVD", id: "6a9bb3f5-e6be-4dc2-9d2b-57459a62bf8c", }, { db: "VULHUB", id: "VHN-157989", }, ], trust: 3.33, }, external_ids: { _id: null, data: [ { db: "NVD", id: "CVE-2019-6554", trust: 4.3, }, { db: "ICS CERT", id: "ICSA-19-092-01", trust: 3.4, }, { db: "ZDI", id: "ZDI-19-331", trust: 1.3, }, { db: "CNNVD", id: "CNNVD-201904-094", trust: 0.9, }, { db: "BID", id: "107675", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-08947", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-003119", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-7908", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2019.1113", trust: 0.6, }, { db: "IVD", id: "6A9BB3F5-E6BE-4DC2-9D2B-57459A62BF8C", trust: 0.2, }, { db: "VULHUB", id: "VHN-157989", trust: 0.1, }, ], sources: [ { db: "IVD", id: "6a9bb3f5-e6be-4dc2-9d2b-57459a62bf8c", }, { db: "ZDI", id: "ZDI-19-331", }, { db: "CNVD", id: "CNVD-2019-08947", }, { db: "VULHUB", id: "VHN-157989", }, { db: "BID", id: "107675", }, { db: "JVNDB", id: "JVNDB-2019-003119", }, { db: "CNNVD", id: "CNNVD-201904-094", }, { db: "NVD", id: "CVE-2019-6554", }, ], }, id: "VAR-201904-0184", iot: { _id: null, data: true, sources: [ { db: "IVD", id: "6a9bb3f5-e6be-4dc2-9d2b-57459a62bf8c", }, { db: "CNVD", id: "CNVD-2019-08947", }, { db: "VULHUB", id: "VHN-157989", }, ], trust: 1.4466745799999998, }, iot_taxonomy: { _id: null, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "6a9bb3f5-e6be-4dc2-9d2b-57459a62bf8c", }, { db: "CNVD", id: "CNVD-2019-08947", }, ], }, last_update_date: "2024-11-23T22:17:06.371000Z", patch: { _id: null, data: [ { title: "Advantech WebAccess", trust: 0.8, url: "https://www.advantech.co.jp/industrial-automation/webaccess", }, { title: "Advantech has issued an update to correct this vulnerability.", trust: 0.7, url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01", }, { title: "Advantech WebAccess/SCADA Patch for Incorrect Access Control Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/157947", }, { title: "Advantech WebAccess and Advantech WebAccess/SCADA Fixes for access control error vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91017", }, ], sources: [ { db: "ZDI", id: "ZDI-19-331", }, { db: "CNVD", id: "CNVD-2019-08947", }, { db: "JVNDB", id: "JVNDB-2019-003119", }, { db: "CNNVD", id: "CNNVD-201904-094", }, ], }, problemtype_data: { _id: null, data: [ { problemtype: "CWE-284", trust: 1.9, }, { problemtype: "NVD-CWE-Other", trust: 1, }, ], sources: [ { db: "VULHUB", id: "VHN-157989", }, { db: "JVNDB", id: "JVNDB-2019-003119", }, { db: "NVD", id: "CVE-2019-6554", }, ], }, references: { _id: null, data: [ { trust: 4.1, url: "https://ics-cert.us-cert.gov/advisories/icsa-19-092-01", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-6554", }, { trust: 1.2, url: "http://www.securityfocus.com/bid/107675", }, { trust: 0.9, url: "https://www.advantech.com/", }, { trust: 0.9, url: "https://support.advantech.com/support/downloadsrdetail_new.aspx?sr_id=1-ms9mjv&doc_source=download", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6554", }, { trust: 0.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-331/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/78318", }, ], sources: [ { db: "ZDI", id: "ZDI-19-331", }, { db: "CNVD", id: "CNVD-2019-08947", }, { db: "VULHUB", id: "VHN-157989", }, { db: "BID", id: "107675", }, { db: "JVNDB", id: "JVNDB-2019-003119", }, { db: "CNNVD", id: "CNNVD-201904-094", }, { db: "NVD", id: "CVE-2019-6554", }, ], }, sources: { _id: null, data: [ { db: "IVD", id: "6a9bb3f5-e6be-4dc2-9d2b-57459a62bf8c", ident: null, }, { db: "ZDI", id: "ZDI-19-331", ident: null, }, { db: "CNVD", id: "CNVD-2019-08947", ident: null, }, { db: "VULHUB", id: "VHN-157989", ident: null, }, { db: "BID", id: "107675", ident: null, }, { db: "JVNDB", id: "JVNDB-2019-003119", ident: null, }, { db: "CNNVD", id: "CNNVD-201904-094", ident: null, }, { db: "NVD", id: "CVE-2019-6554", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2019-04-03T00:00:00", db: "IVD", id: "6a9bb3f5-e6be-4dc2-9d2b-57459a62bf8c", ident: null, }, { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-331", ident: null, }, { date: "2019-04-03T00:00:00", db: "CNVD", id: "CNVD-2019-08947", ident: null, }, { date: "2019-04-05T00:00:00", db: "VULHUB", id: "VHN-157989", ident: null, }, { date: "2019-04-02T00:00:00", db: "BID", id: "107675", ident: null, }, { date: "2019-05-10T00:00:00", db: "JVNDB", id: "JVNDB-2019-003119", ident: null, }, { date: "2019-04-02T00:00:00", db: "CNNVD", id: "CNNVD-201904-094", ident: null, }, { date: "2019-04-05T19:29:00.407000", db: "NVD", id: "CVE-2019-6554", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2019-04-02T00:00:00", db: "ZDI", id: "ZDI-19-331", ident: null, }, { date: "2019-04-03T00:00:00", db: "CNVD", id: "CNVD-2019-08947", ident: null, }, { date: "2020-10-16T00:00:00", db: "VULHUB", id: "VHN-157989", ident: null, }, { date: "2019-04-02T00:00:00", db: "BID", id: "107675", ident: null, }, { date: "2019-05-10T00:00:00", db: "JVNDB", id: "JVNDB-2019-003119", ident: null, }, { date: "2020-10-21T00:00:00", db: "CNNVD", id: "CNNVD-201904-094", ident: null, }, { date: "2024-11-21T04:46:41.090000", db: "NVD", id: "CVE-2019-6554", ident: null, }, ], }, threat_type: { _id: null, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201904-094", }, ], trust: 0.6, }, title: { _id: null, data: "Advantech WebAccess/SCADA Incorrect access control vulnerability", sources: [ { db: "IVD", id: "6a9bb3f5-e6be-4dc2-9d2b-57459a62bf8c", }, { db: "CNVD", id: "CNVD-2019-08947", }, ], trust: 0.8, }, type: { _id: null, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-201904-094", }, ], trust: 0.6, }, }
var-202104-0340
Vulnerability from variot
Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an administrator’s password and login as an administrator to escalate privileges on the system. Advantech Provided by the company WebAccess/SCADA Is browser-based SCADA It is a software package. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Advantech WebAccess/SCADA-IIoT is a web application developed by Advantech, Taiwan, China. There is a security vulnerability in WebAccess SCADA
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202104-0340", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess\\/scada", scope: "lte", trust: 1, vendor: "advantech", version: "9.0.1", }, { model: "webaccess/scada", scope: "eq", trust: 0.8, vendor: "アドバンテック株式会社", version: null, }, { model: "webaccess/scada", scope: "lte", trust: 0.8, vendor: "アドバンテック株式会社", version: "versions 9.0.1 and earlier", }, { model: "webaccess/scada", scope: "lte", trust: 0.6, vendor: "advantech", version: "<=9.0.1", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28788", }, { db: "JVNDB", id: "JVNDB-2021-001370", }, { db: "NVD", id: "CVE-2021-22669", }, ], }, cve: "CVE-2021-22669", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2021-22669", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1.1, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2021-28788", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "VHN-381106", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, id: "CVE-2021-22669", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "IPA", availabilityImpact: "High", baseScore: 8.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2021-001370", impactScore: null, integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-22669", trust: 1, value: "HIGH", }, { author: "IPA", id: "JVNDB-2021-001370", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2021-28788", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202104-980", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-381106", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2021-22669", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28788", }, { db: "VULHUB", id: "VHN-381106", }, { db: "VULMON", id: "CVE-2021-22669", }, { db: "JVNDB", id: "JVNDB-2021-001370", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-980", }, { db: "NVD", id: "CVE-2021-22669", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an administrator’s password and login as an administrator to escalate privileges on the system. Advantech Provided by the company WebAccess/SCADA Is browser-based SCADA It is a software package. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Advantech WebAccess/SCADA-IIoT is a web application developed by Advantech, Taiwan, China. There is a security vulnerability in WebAccess SCADA", sources: [ { db: "NVD", id: "CVE-2021-22669", }, { db: "JVNDB", id: "JVNDB-2021-001370", }, { db: "CNVD", id: "CNVD-2021-28788", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "VULHUB", id: "VHN-381106", }, { db: "VULMON", id: "CVE-2021-22669", }, ], trust: 2.88, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-22669", trust: 3.2, }, { db: "ICS CERT", id: "ICSA-21-103-02", trust: 3.2, }, { db: "JVN", id: "JVNVU99008843", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2021-001370", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-28788", trust: 0.7, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.1248", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041404", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-980", trust: 0.6, }, { db: "VULHUB", id: "VHN-381106", trust: 0.1, }, { db: "VULMON", id: "CVE-2021-22669", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28788", }, { db: "VULHUB", id: "VHN-381106", }, { db: "VULMON", id: "CVE-2021-22669", }, { db: "JVNDB", id: "JVNDB-2021-001370", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-980", }, { db: "NVD", id: "CVE-2021-22669", }, ], }, id: "VAR-202104-0340", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-28788", }, { db: "VULHUB", id: "VHN-381106", }, ], trust: 1.3586421999999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28788", }, ], }, last_update_date: "2024-11-23T21:22:31.959000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "WebAccess/SCADA", trust: 0.8, url: "https://www.advantech.com/support/details/installation?id=1-MS9MJV#", }, { title: "Patch for Advantech WebAccess/SCADA Critical Resource Authority Assignment Incorrect Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/258981", }, { title: "Advantech WebAccess SCADA Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=149709", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28788", }, { db: "JVNDB", id: "JVNDB-2021-001370", }, { db: "CNNVD", id: "CNNVD-202104-980", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-732", trust: 1.1, }, { problemtype: "Improper permission assignment for critical resources (CWE-732) [IPA Evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-381106", }, { db: "JVNDB", id: "JVNDB-2021-001370", }, { db: "NVD", id: "CVE-2021-22669", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.8, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-02", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnvu99008843", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2021-22669", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041404", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.1248", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/732.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28788", }, { db: "VULHUB", id: "VHN-381106", }, { db: "VULMON", id: "CVE-2021-22669", }, { db: "JVNDB", id: "JVNDB-2021-001370", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-980", }, { db: "NVD", id: "CVE-2021-22669", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-28788", }, { db: "VULHUB", id: "VHN-381106", }, { db: "VULMON", id: "CVE-2021-22669", }, { db: "JVNDB", id: "JVNDB-2021-001370", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-980", }, { db: "NVD", id: "CVE-2021-22669", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-16T00:00:00", db: "CNVD", id: "CNVD-2021-28788", }, { date: "2021-04-26T00:00:00", db: "VULHUB", id: "VHN-381106", }, { date: "2021-04-26T00:00:00", db: "VULMON", id: "CVE-2021-22669", }, { date: "2021-04-15T00:00:00", db: "JVNDB", id: "JVNDB-2021-001370", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-980", }, { date: "2021-04-26T19:15:08.417000", db: "NVD", id: "CVE-2021-22669", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-19T00:00:00", db: "CNVD", id: "CNVD-2021-28788", }, { date: "2021-05-07T00:00:00", db: "VULHUB", id: "VHN-381106", }, { date: "2021-05-07T00:00:00", db: "VULMON", id: "CVE-2021-22669", }, { date: "2021-04-15T06:48:00", db: "JVNDB", id: "JVNDB-2021-001370", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-05-08T00:00:00", db: "CNNVD", id: "CNNVD-202104-980", }, { date: "2024-11-21T05:50:26.640000", db: "NVD", id: "CVE-2021-22669", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202104-980", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech Made WebAccess/SCADA Improper allocation of access to important information", sources: [ { db: "JVNDB", id: "JVNDB-2021-001370", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-980", }, ], trust: 1.2, }, }
var-202102-0294
Vulnerability from variot
The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator. Advantech Provided by the company WebAccess/SCADA Is browser-based SCADA It is a software package. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.The specific flaw exists within the WADashboard component. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There are security vulnerabilities in WebAccess/SCADA WADashboard version 9.0 and earlier versions
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202102-0294", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess\\/scada", scope: "lt", trust: 1, vendor: "advantech", version: "9.0.1", }, { model: "webaccess/scada", scope: "eq", trust: 0.8, vendor: "advantech", version: "version 9.0", }, { model: "webaccess/scada", scope: null, trust: 0.7, vendor: "advantech", version: null, }, { model: "webaccess/scada", scope: "lte", trust: 0.6, vendor: "advantech", version: "<=9.0", }, ], sources: [ { db: "ZDI", id: "ZDI-20-1261", }, { db: "CNVD", id: "CNVD-2021-11309", }, { db: "JVNDB", id: "JVNDB-2020-009106", }, { db: "NVD", id: "CVE-2020-25161", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess%2Fscada", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-009106", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Sivathmican Sivakumaran", sources: [ { db: "ZDI", id: "ZDI-20-1261", }, ], trust: 0.7, }, cve: "CVE-2020-25161", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, id: "CVE-2020-25161", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1, vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2021-11309", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, id: "VHN-179112", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:S/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, id: "CVE-2020-25161", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "IPA score", availabilityImpact: "High", baseScore: 8.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-009106", impactScore: null, integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, id: "CVE-2020-25161", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 0.7, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-25161", trust: 1, value: "HIGH", }, { author: "IPA", id: "JVNDB-2020-009106", trust: 0.8, value: "High", }, { author: "ZDI", id: "CVE-2020-25161", trust: 0.7, value: "HIGH", }, { author: "CNVD", id: "CNVD-2021-11309", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202010-700", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-179112", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "ZDI", id: "ZDI-20-1261", }, { db: "CNVD", id: "CNVD-2021-11309", }, { db: "VULHUB", id: "VHN-179112", }, { db: "JVNDB", id: "JVNDB-2020-009106", }, { db: "CNNVD", id: "CNNVD-202010-700", }, { db: "NVD", id: "CVE-2020-25161", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator. Advantech Provided by the company WebAccess/SCADA Is browser-based SCADA It is a software package. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.The specific flaw exists within the WADashboard component. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There are security vulnerabilities in WebAccess/SCADA WADashboard version 9.0 and earlier versions", sources: [ { db: "NVD", id: "CVE-2020-25161", }, { db: "JVNDB", id: "JVNDB-2020-009106", }, { db: "ZDI", id: "ZDI-20-1261", }, { db: "CNVD", id: "CNVD-2021-11309", }, { db: "VULHUB", id: "VHN-179112", }, { db: "VULMON", id: "CVE-2020-25161", }, ], trust: 2.97, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-25161", trust: 3.9, }, { db: "ICS CERT", id: "ICSA-20-289-01", trust: 3.1, }, { db: "JVN", id: "JVNVU97695305", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2020-009106", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-11262", trust: 0.7, }, { db: "ZDI", id: "ZDI-20-1261", trust: 0.7, }, { db: "CNNVD", id: "CNNVD-202010-700", trust: 0.7, }, { db: "CNVD", id: "CNVD-2021-11309", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.3584", trust: 0.6, }, { db: "SEEBUG", id: "SSVID-98405", trust: 0.1, }, { db: "VULHUB", id: "VHN-179112", trust: 0.1, }, { db: "VULMON", id: "CVE-2020-25161", trust: 0.1, }, ], sources: [ { db: "ZDI", id: "ZDI-20-1261", }, { db: "CNVD", id: "CNVD-2021-11309", }, { db: "VULHUB", id: "VHN-179112", }, { db: "VULMON", id: "CVE-2020-25161", }, { db: "JVNDB", id: "JVNDB-2020-009106", }, { db: "CNNVD", id: "CNNVD-202010-700", }, { db: "NVD", id: "CVE-2020-25161", }, ], }, id: "VAR-202102-0294", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-11309", }, { db: "VULHUB", id: "VHN-179112", }, ], trust: 1.3586421999999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11309", }, ], }, last_update_date: "2024-11-23T22:25:21.556000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "WebAccess/SCADA Release Notes", trust: 0.8, url: "https://www.advantech.com/support/details/manual?id=1-1J6QG9J", }, { title: "Advantech has issued an update to correct this vulnerability.", trust: 0.7, url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-289-01", }, { title: "Patch for Advantech WebAccess/SCADA path manipulation code execution vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/248501", }, ], sources: [ { db: "ZDI", id: "ZDI-20-1261", }, { db: "CNVD", id: "CNVD-2021-11309", }, { db: "JVNDB", id: "JVNDB-2020-009106", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-610", trust: 1.1, }, { problemtype: "CWE-73", trust: 1, }, ], sources: [ { db: "VULHUB", id: "VHN-179112", }, { db: "NVD", id: "CVE-2020-25161", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.8, url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-289-01", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-25161", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu97695305", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2020-25161", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.3584/", }, { trust: 0.1, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/189888", }, ], sources: [ { db: "ZDI", id: "ZDI-20-1261", }, { db: "CNVD", id: "CNVD-2021-11309", }, { db: "VULHUB", id: "VHN-179112", }, { db: "VULMON", id: "CVE-2020-25161", }, { db: "JVNDB", id: "JVNDB-2020-009106", }, { db: "CNNVD", id: "CNNVD-202010-700", }, { db: "NVD", id: "CVE-2020-25161", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "ZDI", id: "ZDI-20-1261", }, { db: "CNVD", id: "CNVD-2021-11309", }, { db: "VULHUB", id: "VHN-179112", }, { db: "VULMON", id: "CVE-2020-25161", }, { db: "JVNDB", id: "JVNDB-2020-009106", }, { db: "CNNVD", id: "CNNVD-202010-700", }, { db: "NVD", id: "CVE-2020-25161", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-19T00:00:00", db: "ZDI", id: "ZDI-20-1261", }, { date: "2021-02-22T00:00:00", db: "CNVD", id: "CNVD-2021-11309", }, { date: "2021-02-23T00:00:00", db: "VULHUB", id: "VHN-179112", }, { date: "2021-02-23T00:00:00", db: "VULMON", id: "CVE-2020-25161", }, { date: "2020-10-19T00:00:00", db: "JVNDB", id: "JVNDB-2020-009106", }, { date: "2020-10-15T00:00:00", db: "CNNVD", id: "CNNVD-202010-700", }, { date: "2021-02-23T17:15:13.270000", db: "NVD", id: "CVE-2020-25161", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-19T00:00:00", db: "ZDI", id: "ZDI-20-1261", }, { date: "2021-02-22T00:00:00", db: "CNVD", id: "CNVD-2021-11309", }, { date: "2021-02-27T00:00:00", db: "VULHUB", id: "VHN-179112", }, { date: "2021-02-27T00:00:00", db: "VULMON", id: "CVE-2020-25161", }, { date: "2020-10-19T00:00:00", db: "JVNDB", id: "JVNDB-2020-009106", }, { date: "2021-03-02T00:00:00", db: "CNNVD", id: "CNNVD-202010-700", }, { date: "2024-11-21T05:17:30.647000", db: "NVD", id: "CVE-2020-25161", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202010-700", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech Made WebAccess/SCADA Filename and pathname external control vulnerabilities", sources: [ { db: "JVNDB", id: "JVNDB-2020-009106", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202010-700", }, ], trust: 0.6, }, }
var-202008-1298
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has a command execution vulnerability. Attackers can use the vulnerability to execute console commands.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1298", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48619", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "CNVD-2020-48619", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-48619", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48619", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has a command execution vulnerability. Attackers can use the vulnerability to execute console commands.", sources: [ { db: "CNVD", id: "CNVD-2020-48619", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-48619", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48619", }, ], }, id: "VAR-202008-1298", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-48619", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48619", }, ], }, last_update_date: "2022-05-04T10:03:27.008000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess SCADA wshom control IWshShell_Class class run member has a command execution vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/225703", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48619", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-48619", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-28T00:00:00", db: "CNVD", id: "CNVD-2020-48619", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-27T00:00:00", db: "CNVD", id: "CNVD-2020-48619", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has command execution vulnerability (CNVD-2020-48619)", sources: [ { db: "CNVD", id: "CNVD-2020-48619", }, ], trust: 0.6, }, }
var-202008-1302
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1302", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48624", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CNVD-2020-48624", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "LOW", trust: 0.6, vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-48624", trust: 0.6, value: "LOW", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48624", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has an arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.", sources: [ { db: "CNVD", id: "CNVD-2020-48624", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-48624", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48624", }, ], }, id: "VAR-202008-1302", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-48624", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48624", }, ], }, last_update_date: "2022-05-04T09:59:46.987000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess SCADA wshom control FileSystemObject class DeleteFile member has arbitrary file deletion vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/225689", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48624", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-48624", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-28T00:00:00", db: "CNVD", id: "CNVD-2020-48624", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-27T00:00:00", db: "CNVD", id: "CNVD-2020-48624", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability (CNVD-2020-48624)", sources: [ { db: "CNVD", id: "CNVD-2020-48624", }, ], trust: 0.6, }, }
var-202103-0009
Vulnerability from variot
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege. Advantech WebAccess/SCADA Is vulnerable to incorrect default permissions.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202103-0009", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess\\/scada", scope: "eq", trust: 1, vendor: "advantech", version: "9.0.1", }, { model: "webaccess/scada", scope: "eq", trust: 0.8, vendor: "アドバンテック株式会社", version: "9.0.1", }, { model: "webaccess/scada", scope: "eq", trust: 0.8, vendor: "アドバンテック株式会社", version: null, }, { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.1", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11307", }, { db: "JVNDB", id: "JVNDB-2020-016164", }, { db: "NVD", id: "CVE-2020-13554", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Discovered by Yuri Kramarz of Cisco Talos.", sources: [ { db: "CNNVD", id: "CNNVD-202102-1264", }, ], trust: 0.6, }, cve: "CVE-2020-13554", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "CVE-2020-13554", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1.8, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "CNVD-2021-11307", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "VHN-166344", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:L/AC:L/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.8, id: "CVE-2020-13554", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "LOCAL", author: "talos-cna@cisco.com", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2, id: "CVE-2020-13554", impactScore: 6, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Local", author: "NVD", availabilityImpact: "High", baseScore: 7.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2020-13554", impactScore: null, integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-13554", trust: 1, value: "HIGH", }, { author: "talos-cna@cisco.com", id: "CVE-2020-13554", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2020-13554", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2021-11307", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202102-1264", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-166344", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11307", }, { db: "VULHUB", id: "VHN-166344", }, { db: "JVNDB", id: "JVNDB-2020-016164", }, { db: "CNNVD", id: "CNNVD-202102-1264", }, { db: "NVD", id: "CVE-2020-13554", }, { db: "NVD", id: "CVE-2020-13554", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege. Advantech WebAccess/SCADA Is vulnerable to incorrect default permissions.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment", sources: [ { db: "NVD", id: "CVE-2020-13554", }, { db: "JVNDB", id: "JVNDB-2020-016164", }, { db: "CNVD", id: "CNVD-2021-11307", }, { db: "VULHUB", id: "VHN-166344", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "TALOS", id: "TALOS-2020-1169", trust: 3.1, }, { db: "NVD", id: "CVE-2020-13554", trust: 3.1, }, { db: "JVNDB", id: "JVNDB-2020-016164", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-11307", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202102-1264", trust: 0.6, }, { db: "VULHUB", id: "VHN-166344", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11307", }, { db: "VULHUB", id: "VHN-166344", }, { db: "JVNDB", id: "JVNDB-2020-016164", }, { db: "CNNVD", id: "CNNVD-202102-1264", }, { db: "NVD", id: "CVE-2020-13554", }, ], }, id: "VAR-202103-0009", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-11307", }, { db: "VULHUB", id: "VHN-166344", }, ], trust: 1.3586421999999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11307", }, ], }, last_update_date: "2024-11-23T22:40:46.743000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "WebAccess/SCADA", trust: 0.8, url: "https://www.advantech.tw/support/details/installation?id=1-MS9MJV", }, { title: "Multiple Advantech Product security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=143433", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-016164", }, { db: "CNNVD", id: "CNNVD-202102-1264", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-276", trust: 1.1, }, { problemtype: "Inappropriate default permissions (CWE-276) [NVD Evaluation ]", trust: 0.8, }, { problemtype: "CWE-269", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-166344", }, { db: "JVNDB", id: "JVNDB-2020-016164", }, { db: "NVD", id: "CVE-2020-13554", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.1, url: "https://talosintelligence.com/vulnerability_reports/talos-2020-1169", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-13554", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11307", }, { db: "VULHUB", id: "VHN-166344", }, { db: "JVNDB", id: "JVNDB-2020-016164", }, { db: "CNNVD", id: "CNNVD-202102-1264", }, { db: "NVD", id: "CVE-2020-13554", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-11307", }, { db: "VULHUB", id: "VHN-166344", }, { db: "JVNDB", id: "JVNDB-2020-016164", }, { db: "CNNVD", id: "CNNVD-202102-1264", }, { db: "NVD", id: "CVE-2020-13554", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-02-22T00:00:00", db: "CNVD", id: "CNVD-2021-11307", }, { date: "2021-03-03T00:00:00", db: "VULHUB", id: "VHN-166344", }, { date: "2021-11-11T00:00:00", db: "JVNDB", id: "JVNDB-2020-016164", }, { date: "2021-02-16T00:00:00", db: "CNNVD", id: "CNNVD-202102-1264", }, { date: "2021-03-03T17:15:11.487000", db: "NVD", id: "CVE-2020-13554", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-02-23T00:00:00", db: "CNVD", id: "CNVD-2021-11307", }, { date: "2022-09-30T00:00:00", db: "VULHUB", id: "VHN-166344", }, { date: "2021-11-11T08:23:00", db: "JVNDB", id: "JVNDB-2020-016164", }, { date: "2022-04-20T00:00:00", db: "CNNVD", id: "CNNVD-202102-1264", }, { date: "2024-11-21T05:01:29.170000", db: "NVD", id: "CVE-2020-13554", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-202102-1264", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA Inappropriate Default Permission Vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2020-016164", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202102-1264", }, ], trust: 0.6, }, }
var-202306-0132
Vulnerability from variot
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the operating system (including system files), inject code into an XLS file, and modify the file extension, which could lead to arbitrary code execution. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from China Advantech Company. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202306-0132", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess\\/scada", scope: "lte", trust: 1, vendor: "advantech", version: "9.1.3", }, { model: "webaccess/scada", scope: "lte", trust: 0.6, vendor: "advantech", version: "<=9.1.3", }, ], sources: [ { db: "CNVD", id: "CNVD-2024-15542", }, { db: "NVD", id: "CVE-2023-32540", }, ], }, cve: "CVE-2023-32540", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CNVD-2024-15542", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2023-32540", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ics-cert@hq.dhs.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2023-32540", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-32540", trust: 1, value: "CRITICAL", }, { author: "ics-cert@hq.dhs.gov", id: "CVE-2023-32540", trust: 1, value: "HIGH", }, { author: "CNVD", id: "CNVD-2024-15542", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202306-088", trust: 0.6, value: "CRITICAL", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2024-15542", }, { db: "CNNVD", id: "CNNVD-202306-088", }, { db: "NVD", id: "CVE-2023-32540", }, { db: "NVD", id: "CVE-2023-32540", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "\nIn Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the operating system (including system files), inject code into an XLS file, and modify the file extension, which could lead to arbitrary code execution. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from China Advantech Company. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment", sources: [ { db: "NVD", id: "CVE-2023-32540", }, { db: "CNVD", id: "CNVD-2024-15542", }, { db: "VULMON", id: "CVE-2023-32540", }, ], trust: 1.53, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-32540", trust: 2.3, }, { db: "ICS CERT", id: "ICSA-23-152-01", trust: 1.7, }, { db: "AUSCERT", id: "ESB-2023.3138", trust: 1.2, }, { db: "CNVD", id: "CNVD-2024-15542", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202306-088", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-32540", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2024-15542", }, { db: "VULMON", id: "CVE-2023-32540", }, { db: "CNNVD", id: "CNNVD-202306-088", }, { db: "NVD", id: "CVE-2023-32540", }, ], }, id: "VAR-202306-0132", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2024-15542", }, ], trust: 1.2586422, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2024-15542", }, ], }, last_update_date: "2024-08-14T14:43:12.403000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for Advantech WebAccess/SCADA Arbitrary File Overwrite Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/537531", }, { title: "Advantech WebAccess/SCADA Fixes for code injection vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=241310", }, ], sources: [ { db: "CNVD", id: "CNVD-2024-15542", }, { db: "CNNVD", id: "CNNVD-202306-088", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-94", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2023-32540", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-01", }, { trust: 1.2, url: "https://www.auscert.org.au/bulletins/esb-2023.3138", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2023-32540", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-32540/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/94.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2024-15542", }, { db: "VULMON", id: "CVE-2023-32540", }, { db: "CNNVD", id: "CNNVD-202306-088", }, { db: "NVD", id: "CVE-2023-32540", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2024-15542", }, { db: "VULMON", id: "CVE-2023-32540", }, { db: "CNNVD", id: "CNNVD-202306-088", }, { db: "NVD", id: "CVE-2023-32540", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-03-29T00:00:00", db: "CNVD", id: "CNVD-2024-15542", }, { date: "2023-06-06T00:00:00", db: "VULMON", id: "CVE-2023-32540", }, { date: "2023-06-02T00:00:00", db: "CNNVD", id: "CNNVD-202306-088", }, { date: "2023-06-06T00:15:10.067000", db: "NVD", id: "CVE-2023-32540", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-03-29T00:00:00", db: "CNVD", id: "CNVD-2024-15542", }, { date: "2023-06-06T00:00:00", db: "VULMON", id: "CVE-2023-32540", }, { date: "2023-06-13T00:00:00", db: "CNNVD", id: "CNNVD-202306-088", }, { date: "2023-06-12T16:55:37.857000", db: "NVD", id: "CVE-2023-32540", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202306-088", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA Arbitrary File Overwrite Vulnerability", sources: [ { db: "CNVD", id: "CNVD-2024-15542", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "code injection", sources: [ { db: "CNNVD", id: "CNNVD-202306-088", }, ], trust: 0.6, }, }
var-202008-1301
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1301", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48623", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CNVD-2020-48623", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "LOW", trust: 0.6, vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-48623", trust: 0.6, value: "LOW", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48623", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has an arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.", sources: [ { db: "CNVD", id: "CNVD-2020-48623", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-48623", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48623", }, ], }, id: "VAR-202008-1301", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-48623", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48623", }, ], }, last_update_date: "2022-05-04T09:32:45.234000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess SCADA wshom control FileSystemObject class DeleteFolder member has arbitrary file deletion vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/225693", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48623", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-48623", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-28T00:00:00", db: "CNVD", id: "CNVD-2020-48623", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-27T00:00:00", db: "CNVD", id: "CNVD-2020-48623", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability (CNVD-2020-48623)", sources: [ { db: "CNVD", id: "CNVD-2020-48623", }, ], trust: 0.6, }, }
var-202005-0335
Vulnerability from variot
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control. Advantech WebAccess Node Exists in a past traversal vulnerability.Information is tampered with and service operation is interrupted (DoS) It may be put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x0000791e in DATACORE.exe. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required. Advantech WebAccess Node could allow a remote malicious user to traverse directories on the system, caused by improper validation of user request. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to overwrite arbitrary files on the system
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess/scada", scope: null, trust: 2.1, vendor: "advantech", version: null, }, { _id: null, model: "webaccess", scope: "eq", trust: 1.8, vendor: "advantech", version: "9.0.0", }, { _id: null, model: "webaccess", scope: "lte", trust: 1, vendor: "advantech", version: "8.4.4", }, { _id: null, model: "webaccess", scope: "eq", trust: 0.8, vendor: "advantech", version: "8.4.4", }, { _id: null, model: "webaccess node", scope: "gte", trust: 0.6, vendor: "advantech", version: "8.4.4", }, { _id: null, model: "webaccess node", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, { _id: null, model: null, scope: "eq", trust: 0.4, vendor: "webaccess", version: "*", }, { _id: null, model: null, scope: "eq", trust: 0.4, vendor: "webaccess", version: "9.0.0", }, ], sources: [ { db: "IVD", id: "ec7b8103-b626-4a4f-985f-bd5bdbb95287", }, { db: "IVD", id: "2d8fc349-4a01-4fa6-8792-ddceae01196f", }, { db: "ZDI", id: "ZDI-20-595", }, { db: "ZDI", id: "ZDI-20-589", }, { db: "ZDI", id: "ZDI-20-605", }, { db: "CNVD", id: "CNVD-2020-29743", }, { db: "JVNDB", id: "JVNDB-2020-005162", }, { db: "NVD", id: "CVE-2020-12006", }, ], }, configurations: { _id: null, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-005162", }, ], }, credits: { _id: null, data: "Z0mb1E", sources: [ { db: "ZDI", id: "ZDI-20-595", }, { db: "ZDI", id: "ZDI-20-589", }, { db: "ZDI", id: "ZDI-20-605", }, ], trust: 2.1, }, cve: "CVE-2020-12006", cvss: { _id: null, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2020-12006", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "JVNDB-2020-005162", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2020-29743", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "ec7b8103-b626-4a4f-985f-bd5bdbb95287", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "2d8fc349-4a01-4fa6-8792-ddceae01196f", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-164641", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2020-12006", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2.1, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2020-12006", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-005162", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "ZDI", id: "CVE-2020-12006", trust: 2.1, value: "CRITICAL", }, { author: "nvd@nist.gov", id: "CVE-2020-12006", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "JVNDB-2020-005162", trust: 0.8, value: "Critical", }, { author: "CNVD", id: "CNVD-2020-29743", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202005-306", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "ec7b8103-b626-4a4f-985f-bd5bdbb95287", trust: 0.2, value: "HIGH", }, { author: "IVD", id: "2d8fc349-4a01-4fa6-8792-ddceae01196f", trust: 0.2, value: "HIGH", }, { author: "VULHUB", id: "VHN-164641", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2020-12006", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "ec7b8103-b626-4a4f-985f-bd5bdbb95287", }, { db: "IVD", id: "2d8fc349-4a01-4fa6-8792-ddceae01196f", }, { db: "ZDI", id: "ZDI-20-595", }, { db: "ZDI", id: "ZDI-20-589", }, { db: "ZDI", id: "ZDI-20-605", }, { db: "CNVD", id: "CNVD-2020-29743", }, { db: "VULHUB", id: "VHN-164641", }, { db: "VULMON", id: "CVE-2020-12006", }, { db: "JVNDB", id: "JVNDB-2020-005162", }, { db: "CNNVD", id: "CNNVD-202005-306", }, { db: "NVD", id: "CVE-2020-12006", }, ], }, description: { _id: null, data: "Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control. Advantech WebAccess Node Exists in a past traversal vulnerability.Information is tampered with and service operation is interrupted (DoS) It may be put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x0000791e in DATACORE.exe. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required. Advantech WebAccess Node could allow a remote malicious user to traverse directories on the system, caused by improper validation of user request. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to overwrite arbitrary files on the system", sources: [ { db: "NVD", id: "CVE-2020-12006", }, { db: "JVNDB", id: "JVNDB-2020-005162", }, { db: "ZDI", id: "ZDI-20-595", }, { db: "ZDI", id: "ZDI-20-589", }, { db: "ZDI", id: "ZDI-20-605", }, { db: "CNVD", id: "CNVD-2020-29743", }, { db: "IVD", id: "ec7b8103-b626-4a4f-985f-bd5bdbb95287", }, { db: "IVD", id: "2d8fc349-4a01-4fa6-8792-ddceae01196f", }, { db: "VULHUB", id: "VHN-164641", }, { db: "VULMON", id: "CVE-2020-12006", }, ], trust: 4.59, }, external_ids: { _id: null, data: [ { db: "NVD", id: "CVE-2020-12006", trust: 5.7, }, { db: "ICS CERT", id: "ICSA-20-128-01", trust: 3.2, }, { db: "ZDI", id: "ZDI-20-595", trust: 2.5, }, { db: "ZDI", id: "ZDI-20-589", trust: 2.5, }, { db: "ZDI", id: "ZDI-20-605", trust: 2.5, }, { db: "CNVD", id: "CNVD-2020-29743", trust: 1.1, }, { db: "CNNVD", id: "CNNVD-202005-306", trust: 1.1, }, { db: "JVN", id: "JVNVU93292753", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2020-005162", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-9905", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9995", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9901", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2020.1646", trust: 0.6, }, { db: "NSFOCUS", id: "47349", trust: 0.6, }, { db: "IVD", id: "EC7B8103-B626-4A4F-985F-BD5BDBB95287", trust: 0.2, }, { db: "IVD", id: "2D8FC349-4A01-4FA6-8792-DDCEAE01196F", trust: 0.2, }, { db: "VULHUB", id: "VHN-164641", trust: 0.1, }, { db: "VULMON", id: "CVE-2020-12006", trust: 0.1, }, ], sources: [ { db: "IVD", id: "ec7b8103-b626-4a4f-985f-bd5bdbb95287", }, { db: "IVD", id: "2d8fc349-4a01-4fa6-8792-ddceae01196f", }, { db: "ZDI", id: "ZDI-20-595", }, { db: "ZDI", id: "ZDI-20-589", }, { db: "ZDI", id: "ZDI-20-605", }, { db: "CNVD", id: "CNVD-2020-29743", }, { db: "VULHUB", id: "VHN-164641", }, { db: "VULMON", id: "CVE-2020-12006", }, { db: "JVNDB", id: "JVNDB-2020-005162", }, { db: "CNNVD", id: "CNNVD-202005-306", }, { db: "NVD", id: "CVE-2020-12006", }, ], }, id: "VAR-202005-0335", iot: { _id: null, data: true, sources: [ { db: "IVD", id: "ec7b8103-b626-4a4f-985f-bd5bdbb95287", }, { db: "IVD", id: "2d8fc349-4a01-4fa6-8792-ddceae01196f", }, { db: "CNVD", id: "CNVD-2020-29743", }, { db: "VULHUB", id: "VHN-164641", }, ], trust: 1.679503486666667, }, iot_taxonomy: { _id: null, data: [ { category: [ "ICS", ], sub_category: null, trust: 1, }, ], sources: [ { db: "IVD", id: "ec7b8103-b626-4a4f-985f-bd5bdbb95287", }, { db: "IVD", id: "2d8fc349-4a01-4fa6-8792-ddceae01196f", }, { db: "CNVD", id: "CNVD-2020-29743", }, ], }, last_update_date: "2024-11-23T21:59:18.650000Z", patch: { _id: null, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 2.1, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, { title: "Top Page", trust: 0.8, url: "https://www.advantech.com/", }, { title: "Patch for Advantech WebAccess Node Path Traversal Vulnerability (CNVD-2020-29743)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/218853", }, ], sources: [ { db: "ZDI", id: "ZDI-20-595", }, { db: "ZDI", id: "ZDI-20-589", }, { db: "ZDI", id: "ZDI-20-605", }, { db: "CNVD", id: "CNVD-2020-29743", }, { db: "JVNDB", id: "JVNDB-2020-005162", }, ], }, problemtype_data: { _id: null, data: [ { problemtype: "CWE-22", trust: 1.9, }, { problemtype: "CWE-23", trust: 1, }, ], sources: [ { db: "VULHUB", id: "VHN-164641", }, { db: "JVNDB", id: "JVNDB-2020-005162", }, { db: "NVD", id: "CVE-2020-12006", }, ], }, references: { _id: null, data: [ { trust: 3.8, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-01", }, { trust: 2.4, url: "https://www.zerodayinitiative.com/advisories/zdi-20-605/", }, { trust: 2.1, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, { trust: 1.8, url: "https://www.zerodayinitiative.com/advisories/zdi-20-589/", }, { trust: 1.8, url: "https://www.zerodayinitiative.com/advisories/zdi-20-595/", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-12006", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12006", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu93292753/", }, { trust: 0.6, url: "http://www.nsfocus.net/vulndb/47349", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.1646/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/22.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/181598", }, ], sources: [ { db: "ZDI", id: "ZDI-20-595", }, { db: "ZDI", id: "ZDI-20-589", }, { db: "ZDI", id: "ZDI-20-605", }, { db: "CNVD", id: "CNVD-2020-29743", }, { db: "VULHUB", id: "VHN-164641", }, { db: "VULMON", id: "CVE-2020-12006", }, { db: "JVNDB", id: "JVNDB-2020-005162", }, { db: "CNNVD", id: "CNNVD-202005-306", }, { db: "NVD", id: "CVE-2020-12006", }, ], }, sources: { _id: null, data: [ { db: "IVD", id: "ec7b8103-b626-4a4f-985f-bd5bdbb95287", ident: null, }, { db: "IVD", id: "2d8fc349-4a01-4fa6-8792-ddceae01196f", ident: null, }, { db: "ZDI", id: "ZDI-20-595", ident: null, }, { db: "ZDI", id: "ZDI-20-589", ident: null, }, { db: "ZDI", id: "ZDI-20-605", ident: null, }, { db: "CNVD", id: "CNVD-2020-29743", ident: null, }, { db: "VULHUB", id: "VHN-164641", ident: null, }, { db: "VULMON", id: "CVE-2020-12006", ident: null, }, { db: "JVNDB", id: "JVNDB-2020-005162", ident: null, }, { db: "CNNVD", id: "CNNVD-202005-306", ident: null, }, { db: "NVD", id: "CVE-2020-12006", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2020-05-07T00:00:00", db: "IVD", id: "ec7b8103-b626-4a4f-985f-bd5bdbb95287", ident: null, }, { date: "2020-05-07T00:00:00", db: "IVD", id: "2d8fc349-4a01-4fa6-8792-ddceae01196f", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-595", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-589", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-605", ident: null, }, { date: "2020-05-25T00:00:00", db: "CNVD", id: "CNVD-2020-29743", ident: null, }, { date: "2020-05-08T00:00:00", db: "VULHUB", id: "VHN-164641", ident: null, }, { date: "2020-05-08T00:00:00", db: "VULMON", id: "CVE-2020-12006", ident: null, }, { date: "2020-06-08T00:00:00", db: "JVNDB", id: "JVNDB-2020-005162", ident: null, }, { date: "2020-05-07T00:00:00", db: "CNNVD", id: "CNNVD-202005-306", ident: null, }, { date: "2020-05-08T12:15:11.160000", db: "NVD", id: "CVE-2020-12006", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-595", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-589", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-605", ident: null, }, { date: "2020-05-25T00:00:00", db: "CNVD", id: "CNVD-2020-29743", ident: null, }, { date: "2021-09-23T00:00:00", db: "VULHUB", id: "VHN-164641", ident: null, }, { date: "2020-05-12T00:00:00", db: "VULMON", id: "CVE-2020-12006", ident: null, }, { date: "2020-06-08T00:00:00", db: "JVNDB", id: "JVNDB-2020-005162", ident: null, }, { date: "2021-01-04T00:00:00", db: "CNNVD", id: "CNNVD-202005-306", ident: null, }, { date: "2024-11-21T04:59:06.080000", db: "NVD", id: "CVE-2020-12006", ident: null, }, ], }, threat_type: { _id: null, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202005-306", }, ], trust: 0.6, }, title: { _id: null, data: "Advantech WebAccess Node Past Traversal Vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2020-005162", }, ], trust: 0.8, }, type: { _id: null, data: "Path traversal", sources: [ { db: "IVD", id: "ec7b8103-b626-4a4f-985f-bd5bdbb95287", }, { db: "IVD", id: "2d8fc349-4a01-4fa6-8792-ddceae01196f", }, { db: "CNNVD", id: "CNNVD-202005-306", }, ], trust: 1, }, }
var-202011-1538
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202011-1538", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58462", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2020-58462", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-58462", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58462", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has an arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.", sources: [ { db: "CNVD", id: "CNVD-2020-58462", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-58462", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58462", }, ], }, id: "VAR-202011-1538", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-58462", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58462", }, ], }, last_update_date: "2022-05-04T09:59:39.996000Z", sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-58462", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-11-28T00:00:00", db: "CNVD", id: "CNVD-2020-58462", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-25T00:00:00", db: "CNVD", id: "CNVD-2020-58462", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability (CNVD-2020-58462)", sources: [ { db: "CNVD", id: "CNVD-2020-58462", }, ], trust: 0.6, }, }
var-202005-1244
Vulnerability from variot
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of IOCTL 0x5209 in datacore.exe. The issue results from the lack of proper validation of user-supplied data, which can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess/scada", scope: null, trust: 0.7, vendor: "advantech", version: null, }, ], sources: [ { db: "ZDI", id: "ZDI-20-607", }, ], }, credits: { _id: null, data: "Z0mb1E", sources: [ { db: "ZDI", id: "ZDI-20-607", }, ], trust: 0.7, }, cvss: { _id: null, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "ZDI-20-607", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 0.7, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "ZDI", id: "ZDI-20-607", trust: 0.7, value: "CRITICAL", }, ], }, ], sources: [ { db: "ZDI", id: "ZDI-20-607", }, ], }, description: { _id: null, data: "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of IOCTL 0x5209 in datacore.exe. The issue results from the lack of proper validation of user-supplied data, which can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.", sources: [ { db: "ZDI", id: "ZDI-20-607", }, ], trust: 0.7, }, external_ids: { _id: null, data: [ { db: "ZDI_CAN", id: "ZDI-CAN-9936", trust: 0.7, }, { db: "ZDI", id: "ZDI-20-607", trust: 0.7, }, ], sources: [ { db: "ZDI", id: "ZDI-20-607", }, ], }, id: "VAR-202005-1244", iot: { _id: null, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.6405517, }, last_update_date: "2022-05-17T01:36:00.872000Z", patch: { _id: null, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, ], sources: [ { db: "ZDI", id: "ZDI-20-607", }, ], }, references: { _id: null, data: [ { trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, ], sources: [ { db: "ZDI", id: "ZDI-20-607", }, ], }, sources: { _id: null, data: [ { db: "ZDI", id: "ZDI-20-607", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-607", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-607", ident: null, }, ], }, title: { _id: null, data: "Advantech WebAccess/SCADA DATACORE IOCTL 0x5209 Heap-based Buffer Overflow Remote Code Execution Vulnerability", sources: [ { db: "ZDI", id: "ZDI-20-607", }, ], trust: 0.7, }, }
var-202306-0131
Vulnerability from variot
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to upload an ASP script file to a webserver when logged in as manager user, which can lead to arbitrary code execution. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from China Advantech Company. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. This vulnerability is caused by the application's lack of effective verification of uploaded files
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202306-0131", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess\\/scada", scope: "lte", trust: 1, vendor: "advantech", version: "9.1.3", }, { model: "webaccess/scada", scope: "lte", trust: 0.6, vendor: "advantech", version: "<=9.1.3", }, ], sources: [ { db: "CNVD", id: "CNVD-2024-15543", }, { db: "NVD", id: "CVE-2023-22450", }, ], }, cve: "CVE-2023-22450", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CNVD-2024-15543", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2023-22450", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-22450", trust: 1, value: "HIGH", }, { author: "ics-cert@hq.dhs.gov", id: "CVE-2023-22450", trust: 1, value: "HIGH", }, { author: "CNVD", id: "CNVD-2024-15543", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202306-084", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2024-15543", }, { db: "CNNVD", id: "CNNVD-202306-084", }, { db: "NVD", id: "CVE-2023-22450", }, { db: "NVD", id: "CVE-2023-22450", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "\n\n\nIn Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to upload an ASP script file to a webserver when logged in as manager user, which can lead to arbitrary code execution. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from China Advantech Company. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. This vulnerability is caused by the application's lack of effective verification of uploaded files", sources: [ { db: "NVD", id: "CVE-2023-22450", }, { db: "CNVD", id: "CNVD-2024-15543", }, { db: "VULMON", id: "CVE-2023-22450", }, ], trust: 1.53, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-22450", trust: 2.3, }, { db: "ICS CERT", id: "ICSA-23-152-01", trust: 1.7, }, { db: "AUSCERT", id: "ESB-2023.3138", trust: 1.2, }, { db: "CNVD", id: "CNVD-2024-15543", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202306-084", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-22450", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2024-15543", }, { db: "VULMON", id: "CVE-2023-22450", }, { db: "CNNVD", id: "CNNVD-202306-084", }, { db: "NVD", id: "CVE-2023-22450", }, ], }, id: "VAR-202306-0131", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2024-15543", }, ], trust: 1.2586422, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2024-15543", }, ], }, last_update_date: "2024-08-14T14:43:12.428000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for Advantech WebAccess/SCADA Arbitrary File Upload Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/537526", }, { title: "Advantech WebAccess/SCADA Fixes for code issue vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=240434", }, ], sources: [ { db: "CNVD", id: "CNVD-2024-15543", }, { db: "CNNVD", id: "CNNVD-202306-084", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-434", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2023-22450", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-01", }, { trust: 1.2, url: "https://www.auscert.org.au/bulletins/esb-2023.3138", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-22450/", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2023-22450", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/434.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2024-15543", }, { db: "VULMON", id: "CVE-2023-22450", }, { db: "CNNVD", id: "CNNVD-202306-084", }, { db: "NVD", id: "CVE-2023-22450", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2024-15543", }, { db: "VULMON", id: "CVE-2023-22450", }, { db: "CNNVD", id: "CNNVD-202306-084", }, { db: "NVD", id: "CVE-2023-22450", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-03-29T00:00:00", db: "CNVD", id: "CNVD-2024-15543", }, { date: "2023-06-06T00:00:00", db: "VULMON", id: "CVE-2023-22450", }, { date: "2023-06-02T00:00:00", db: "CNNVD", id: "CNNVD-202306-084", }, { date: "2023-06-06T00:15:09.310000", db: "NVD", id: "CVE-2023-22450", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-03-29T00:00:00", db: "CNVD", id: "CNVD-2024-15543", }, { date: "2023-06-06T00:00:00", db: "VULMON", id: "CVE-2023-22450", }, { date: "2023-06-13T00:00:00", db: "CNNVD", id: "CNNVD-202306-084", }, { date: "2023-06-12T16:56:27.357000", db: "NVD", id: "CVE-2023-22450", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202306-084", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA Arbitrary File Upload Vulnerability", sources: [ { db: "CNVD", id: "CNVD-2024-15543", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "code problem", sources: [ { db: "CNNVD", id: "CNNVD-202306-084", }, ], trust: 0.6, }, }
var-202005-1242
Vulnerability from variot
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of IOCTL 0x521B in datacore.exe. The issue results from the lack of proper validation of user-supplied data, which can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess/scada", scope: null, trust: 0.7, vendor: "advantech", version: null, }, ], sources: [ { db: "ZDI", id: "ZDI-20-611", }, ], }, credits: { _id: null, data: "Z0mb1E", sources: [ { db: "ZDI", id: "ZDI-20-611", }, ], trust: 0.7, }, cvss: { _id: null, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "ZDI-20-611", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 0.7, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "ZDI", id: "ZDI-20-611", trust: 0.7, value: "CRITICAL", }, ], }, ], sources: [ { db: "ZDI", id: "ZDI-20-611", }, ], }, description: { _id: null, data: "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of IOCTL 0x521B in datacore.exe. The issue results from the lack of proper validation of user-supplied data, which can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.", sources: [ { db: "ZDI", id: "ZDI-20-611", }, ], trust: 0.7, }, external_ids: { _id: null, data: [ { db: "ZDI_CAN", id: "ZDI-CAN-9947", trust: 0.7, }, { db: "ZDI", id: "ZDI-20-611", trust: 0.7, }, ], sources: [ { db: "ZDI", id: "ZDI-20-611", }, ], }, id: "VAR-202005-1242", iot: { _id: null, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.6405517, }, last_update_date: "2022-05-17T01:45:05.751000Z", patch: { _id: null, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, ], sources: [ { db: "ZDI", id: "ZDI-20-611", }, ], }, references: { _id: null, data: [ { trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, ], sources: [ { db: "ZDI", id: "ZDI-20-611", }, ], }, sources: { _id: null, data: [ { db: "ZDI", id: "ZDI-20-611", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-611", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-611", ident: null, }, ], }, title: { _id: null, data: "Advantech WebAccess/SCADA DATACORE IOCTL 0x521B Heap-based Buffer Overflow Remote Code Execution Vulnerability", sources: [ { db: "ZDI", id: "ZDI-20-611", }, ], trust: 0.7, }, }
var-201906-1024
Vulnerability from variot
In WebAccess/SCADA Versions 8.3.5 and prior, an out-of-bounds read vulnerability is caused by a lack of proper validation of user-supplied data. Exploitation of this vulnerability may allow disclosure of information. WebAccess/SCADA Contains an out-of-bounds vulnerability.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within viewsrv.dll, which is accessed through the 0x2722 IOCTL in the webvrpcs process. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the Administrator. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer overflow vulnerability exists in Advantech WebAccess/SCADA 8.3.5 and earlier that could allow an attacker to cause a buffer overflow or heap overflow. Advantech WebAccess/SCADA is prone to the following security vulnerabilities: 1. A directory-traversal vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. Multiple heap-based buffer-overflow vulnerabilities 4. Multiple remote-code execution vulnerabilities An attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences (â??../â??) to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks. Advantech WebAccess/SCADA Versions 8.3.5 and prior versions are vulnerable. This vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in the execution of wrong data to other associated memory locations. read and write operations
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201906-1024", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess", scope: "lte", trust: 1.8, vendor: "advantech", version: "8.3.5", }, { model: "webaccess", scope: null, trust: 0.7, vendor: "advantech", version: null, }, { model: "webaccess/scada", scope: "lte", trust: 0.6, vendor: "advantech", version: "<=8.3.5", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.5", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.4", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.2", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.1", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.0", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "7.2", }, { model: "webaccess/scada", scope: "ne", trust: 0.3, vendor: "advantech", version: "8.4.1", }, { model: null, scope: "eq", trust: 0.2, vendor: "webaccess", version: "*", }, ], sources: [ { db: "IVD", id: "5f89da07-daa5-4005-b08f-acec3e1b8e75", }, { db: "ZDI", id: "ZDI-19-621", }, { db: "CNVD", id: "CNVD-2019-32477", }, { db: "BID", id: "108923", }, { db: "JVNDB", id: "JVNDB-2019-005817", }, { db: "NVD", id: "CVE-2019-10983", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-005817", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Mat Powell of Trend Micro Zero Day Initiative", sources: [ { db: "ZDI", id: "ZDI-19-621", }, ], trust: 0.7, }, cve: "CVE-2019-10983", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2019-10983", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2019-32477", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "5f89da07-daa5-4005-b08f-acec3e1b8e75", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-142584", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-10983", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-10983", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 3.9, id: "CVE-2019-10983", impactScore: 1.4, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 0.7, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-10983", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2019-10983", trust: 0.8, value: "High", }, { author: "ZDI", id: "CVE-2019-10983", trust: 0.7, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2019-32477", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201906-1073", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "5f89da07-daa5-4005-b08f-acec3e1b8e75", trust: 0.2, value: "HIGH", }, { author: "VULHUB", id: "VHN-142584", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "5f89da07-daa5-4005-b08f-acec3e1b8e75", }, { db: "ZDI", id: "ZDI-19-621", }, { db: "CNVD", id: "CNVD-2019-32477", }, { db: "VULHUB", id: "VHN-142584", }, { db: "JVNDB", id: "JVNDB-2019-005817", }, { db: "CNNVD", id: "CNNVD-201906-1073", }, { db: "NVD", id: "CVE-2019-10983", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In WebAccess/SCADA Versions 8.3.5 and prior, an out-of-bounds read vulnerability is caused by a lack of proper validation of user-supplied data. Exploitation of this vulnerability may allow disclosure of information. WebAccess/SCADA Contains an out-of-bounds vulnerability.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within viewsrv.dll, which is accessed through the 0x2722 IOCTL in the webvrpcs process. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the Administrator. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer overflow vulnerability exists in Advantech WebAccess/SCADA 8.3.5 and earlier that could allow an attacker to cause a buffer overflow or heap overflow. Advantech WebAccess/SCADA is prone to the following security vulnerabilities:\n1. A directory-traversal vulnerability\n2. Multiple stack-based buffer-overflow vulnerabilities\n3. Multiple heap-based buffer-overflow vulnerabilities\n4. Multiple remote-code execution vulnerabilities\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences (â??../â??) to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks. \nAdvantech WebAccess/SCADA Versions 8.3.5 and prior versions are vulnerable. This vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in the execution of wrong data to other associated memory locations. read and write operations", sources: [ { db: "NVD", id: "CVE-2019-10983", }, { db: "JVNDB", id: "JVNDB-2019-005817", }, { db: "ZDI", id: "ZDI-19-621", }, { db: "CNVD", id: "CNVD-2019-32477", }, { db: "BID", id: "108923", }, { db: "IVD", id: "5f89da07-daa5-4005-b08f-acec3e1b8e75", }, { db: "VULHUB", id: "VHN-142584", }, ], trust: 3.33, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-10983", trust: 4.3, }, { db: "ICS CERT", id: "ICSA-19-178-05", trust: 2.8, }, { db: "ZDI", id: "ZDI-19-621", trust: 2.4, }, { db: "BID", id: "108923", trust: 1.5, }, { db: "CNNVD", id: "CNNVD-201906-1073", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-32477", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-005817", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-8193", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2019.2350", trust: 0.6, }, { db: "IVD", id: "5F89DA07-DAA5-4005-B08F-ACEC3E1B8E75", trust: 0.2, }, { db: "VULHUB", id: "VHN-142584", trust: 0.1, }, ], sources: [ { db: "IVD", id: "5f89da07-daa5-4005-b08f-acec3e1b8e75", }, { db: "ZDI", id: "ZDI-19-621", }, { db: "CNVD", id: "CNVD-2019-32477", }, { db: "VULHUB", id: "VHN-142584", }, { db: "BID", id: "108923", }, { db: "JVNDB", id: "JVNDB-2019-005817", }, { db: "CNNVD", id: "CNNVD-201906-1073", }, { db: "NVD", id: "CVE-2019-10983", }, ], }, id: "VAR-201906-1024", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "5f89da07-daa5-4005-b08f-acec3e1b8e75", }, { db: "CNVD", id: "CNVD-2019-32477", }, { db: "VULHUB", id: "VHN-142584", }, ], trust: 1.4466745799999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "5f89da07-daa5-4005-b08f-acec3e1b8e75", }, { db: "CNVD", id: "CNVD-2019-32477", }, ], }, last_update_date: "2024-11-23T21:52:09.335000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess", trust: 0.8, url: "https://www.advantech.co.jp/industrial-automation/webaccess", }, { title: "Advantech has issued an update to correct this vulnerability.", trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-19-178-05", }, { title: "Patch for Advantech WebAccess/SCADA Buffer Overflow Vulnerability (CNVD-2019-32477)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/181489", }, { title: "Advantech WebAccess/SCADA Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94176", }, ], sources: [ { db: "ZDI", id: "ZDI-19-621", }, { db: "CNVD", id: "CNVD-2019-32477", }, { db: "JVNDB", id: "JVNDB-2019-005817", }, { db: "CNNVD", id: "CNNVD-201906-1073", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-125", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-142584", }, { db: "JVNDB", id: "JVNDB-2019-005817", }, { db: "NVD", id: "CVE-2019-10983", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.5, url: "https://www.us-cert.gov/ics/advisories/icsa-19-178-05", }, { trust: 1.7, url: "https://www.zerodayinitiative.com/advisories/zdi-19-621/", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-10983", }, { trust: 1.2, url: "http://www.securityfocus.com/bid/108923", }, { trust: 0.9, url: "http://webaccess.advantech.com", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10983", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2350/", }, ], sources: [ { db: "ZDI", id: "ZDI-19-621", }, { db: "CNVD", id: "CNVD-2019-32477", }, { db: "VULHUB", id: "VHN-142584", }, { db: "BID", id: "108923", }, { db: "JVNDB", id: "JVNDB-2019-005817", }, { db: "CNNVD", id: "CNNVD-201906-1073", }, { db: "NVD", id: "CVE-2019-10983", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "5f89da07-daa5-4005-b08f-acec3e1b8e75", }, { db: "ZDI", id: "ZDI-19-621", }, { db: "CNVD", id: "CNVD-2019-32477", }, { db: "VULHUB", id: "VHN-142584", }, { db: "BID", id: "108923", }, { db: "JVNDB", id: "JVNDB-2019-005817", }, { db: "CNNVD", id: "CNNVD-201906-1073", }, { db: "NVD", id: "CVE-2019-10983", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-09-21T00:00:00", db: "IVD", id: "5f89da07-daa5-4005-b08f-acec3e1b8e75", }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-621", }, { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32477", }, { date: "2019-06-28T00:00:00", db: "VULHUB", id: "VHN-142584", }, { date: "2019-06-27T00:00:00", db: "BID", id: "108923", }, { date: "2019-07-02T00:00:00", db: "JVNDB", id: "JVNDB-2019-005817", }, { date: "2019-06-27T00:00:00", db: "CNNVD", id: "CNNVD-201906-1073", }, { date: "2019-06-28T21:15:11.057000", db: "NVD", id: "CVE-2019-10983", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-621", }, { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32477", }, { date: "2019-07-02T00:00:00", db: "VULHUB", id: "VHN-142584", }, { date: "2019-06-27T00:00:00", db: "BID", id: "108923", }, { date: "2019-07-02T00:00:00", db: "JVNDB", id: "JVNDB-2019-005817", }, { date: "2019-07-03T00:00:00", db: "CNNVD", id: "CNNVD-201906-1073", }, { date: "2024-11-21T04:20:17.693000", db: "NVD", id: "CVE-2019-10983", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201906-1073", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "WebAccess/SCADA Vulnerable to out-of-bounds reading", sources: [ { db: "JVNDB", id: "JVNDB-2019-005817", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Buffer error", sources: [ { db: "IVD", id: "5f89da07-daa5-4005-b08f-acec3e1b8e75", }, { db: "CNNVD", id: "CNNVD-201906-1073", }, ], trust: 0.8, }, }
var-201906-1029
Vulnerability from variot
In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2776 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess", scope: null, trust: 10.5, vendor: "advantech", version: null, }, { _id: null, model: "webaccess", scope: "lte", trust: 1, vendor: "advantech", version: "8.3.5", }, { _id: null, model: "webaccess/scada", scope: "lte", trust: 0.6, vendor: "advantech", version: "<=8.3.5", }, { _id: null, model: null, scope: "eq", trust: 0.2, vendor: "webaccess", version: "*", }, ], sources: [ { db: "IVD", id: "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07", }, { db: "ZDI", id: "ZDI-19-599", }, { db: "ZDI", id: "ZDI-19-613", }, { db: "ZDI", id: "ZDI-19-610", }, { db: "ZDI", id: "ZDI-19-616", }, { db: "ZDI", id: "ZDI-19-606", }, { db: "ZDI", id: "ZDI-19-598", }, { db: "ZDI", id: "ZDI-19-609", }, { db: "ZDI", id: "ZDI-19-600", }, { db: "ZDI", id: "ZDI-19-593", }, { db: "ZDI", id: "ZDI-19-615", }, { db: "ZDI", id: "ZDI-19-601", }, { db: "ZDI", id: "ZDI-19-607", }, { db: "ZDI", id: "ZDI-19-597", }, { db: "ZDI", id: "ZDI-19-618", }, { db: "ZDI", id: "ZDI-19-623", }, { db: "CNVD", id: "CNVD-2019-32473", }, { db: "NVD", id: "CVE-2019-10993", }, ], }, credits: { _id: null, data: "Natnael Samson (@NattiSamson)", sources: [ { db: "ZDI", id: "ZDI-19-599", }, { db: "ZDI", id: "ZDI-19-613", }, { db: "ZDI", id: "ZDI-19-610", }, { db: "ZDI", id: "ZDI-19-616", }, { db: "ZDI", id: "ZDI-19-606", }, { db: "ZDI", id: "ZDI-19-598", }, { db: "ZDI", id: "ZDI-19-609", }, { db: "ZDI", id: "ZDI-19-600", }, { db: "ZDI", id: "ZDI-19-593", }, { db: "ZDI", id: "ZDI-19-615", }, { db: "ZDI", id: "ZDI-19-601", }, { db: "ZDI", id: "ZDI-19-607", }, { db: "ZDI", id: "ZDI-19-597", }, { db: "ZDI", id: "ZDI-19-618", }, ], trust: 9.8, }, cve: "CVE-2019-10993", cvss: { _id: null, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2019-10993", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2019-32473", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-10993", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 10.5, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-10993", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, ], severity: [ { author: "ZDI", id: "CVE-2019-10993", trust: 10.5, value: "CRITICAL", }, { author: "nvd@nist.gov", id: "CVE-2019-10993", trust: 1, value: "CRITICAL", }, { author: "CNVD", id: "CNVD-2019-32473", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201906-1077", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07", trust: 0.2, value: "CRITICAL", }, ], }, ], sources: [ { db: "IVD", id: "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07", }, { db: "ZDI", id: "ZDI-19-599", }, { db: "ZDI", id: "ZDI-19-613", }, { db: "ZDI", id: "ZDI-19-610", }, { db: "ZDI", id: "ZDI-19-616", }, { db: "ZDI", id: "ZDI-19-606", }, { db: "ZDI", id: "ZDI-19-598", }, { db: "ZDI", id: "ZDI-19-609", }, { db: "ZDI", id: "ZDI-19-600", }, { db: "ZDI", id: "ZDI-19-593", }, { db: "ZDI", id: "ZDI-19-615", }, { db: "ZDI", id: "ZDI-19-601", }, { db: "ZDI", id: "ZDI-19-607", }, { db: "ZDI", id: "ZDI-19-597", }, { db: "ZDI", id: "ZDI-19-618", }, { db: "ZDI", id: "ZDI-19-623", }, { db: "CNVD", id: "CNVD-2019-32473", }, { db: "CNNVD", id: "CNNVD-201906-1077", }, { db: "NVD", id: "CVE-2019-10993", }, ], }, description: { _id: null, data: "In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2776 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment", sources: [ { db: "NVD", id: "CVE-2019-10993", }, { db: "ZDI", id: "ZDI-19-599", }, { db: "ZDI", id: "ZDI-19-623", }, { db: "ZDI", id: "ZDI-19-618", }, { db: "ZDI", id: "ZDI-19-597", }, { db: "ZDI", id: "ZDI-19-607", }, { db: "ZDI", id: "ZDI-19-601", }, { db: "ZDI", id: "ZDI-19-615", }, { db: "ZDI", id: "ZDI-19-593", }, { db: "ZDI", id: "ZDI-19-600", }, { db: "ZDI", id: "ZDI-19-609", }, { db: "ZDI", id: "ZDI-19-598", }, { db: "ZDI", id: "ZDI-19-606", }, { db: "ZDI", id: "ZDI-19-616", }, { db: "ZDI", id: "ZDI-19-610", }, { db: "ZDI", id: "ZDI-19-613", }, { db: "CNVD", id: "CNVD-2019-32473", }, { db: "IVD", id: "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07", }, ], trust: 11.07, }, external_ids: { _id: null, data: [ { db: "NVD", id: "CVE-2019-10993", trust: 12.9, }, { db: "ZDI", id: "ZDI-19-613", trust: 2.3, }, { db: "ZDI", id: "ZDI-19-616", trust: 2.3, }, { db: "ZDI", id: "ZDI-19-606", trust: 2.3, }, { db: "ZDI", id: "ZDI-19-598", trust: 2.3, }, { db: "ZDI", id: "ZDI-19-615", trust: 2.3, }, { db: "ZDI", id: "ZDI-19-601", trust: 2.3, }, { db: "ZDI", id: "ZDI-19-607", trust: 2.3, }, { db: "ZDI", id: "ZDI-19-597", trust: 2.3, }, { db: "ZDI", id: "ZDI-19-618", trust: 2.3, }, { db: "ZDI", id: "ZDI-19-623", trust: 2.3, }, { db: "ZDI", id: "ZDI-19-612", trust: 1.6, }, { db: "ZDI", id: "ZDI-19-603", trust: 1.6, }, { db: "ZDI", id: "ZDI-19-614", trust: 1.6, }, { db: "ZDI", id: "ZDI-19-602", trust: 1.6, }, { db: "ZDI", id: "ZDI-19-617", trust: 1.6, }, { db: "ZDI", id: "ZDI-19-605", trust: 1.6, }, { db: "ZDI", id: "ZDI-19-611", trust: 1.6, }, { db: "ICS CERT", id: "ICSA-19-178-05", trust: 1.6, }, { db: "CNVD", id: "CNVD-2019-32473", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201906-1077", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-8129", trust: 0.7, }, { db: "ZDI", id: "ZDI-19-599", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8146", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8143", trust: 0.7, }, { db: "ZDI", id: "ZDI-19-610", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8150", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8139", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8128", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8142", trust: 0.7, }, { db: "ZDI", id: "ZDI-19-609", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8130", trust: 0.7, }, { db: "ZDI", id: "ZDI-19-600", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8116", trust: 0.7, }, { db: "ZDI", id: "ZDI-19-593", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8148", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8133", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8140", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8127", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8152", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8119", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2019.2350", trust: 0.6, }, { db: "BID", id: "108923", trust: 0.6, }, { db: "IVD", id: "D5DCD84F-1ACA-4DC3-AC16-D5C7C3DD4D07", trust: 0.2, }, ], sources: [ { db: "IVD", id: "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07", }, { db: "ZDI", id: "ZDI-19-599", }, { db: "ZDI", id: "ZDI-19-613", }, { db: "ZDI", id: "ZDI-19-610", }, { db: "ZDI", id: "ZDI-19-616", }, { db: "ZDI", id: "ZDI-19-606", }, { db: "ZDI", id: "ZDI-19-598", }, { db: "ZDI", id: "ZDI-19-609", }, { db: "ZDI", id: "ZDI-19-600", }, { db: "ZDI", id: "ZDI-19-593", }, { db: "ZDI", id: "ZDI-19-615", }, { db: "ZDI", id: "ZDI-19-601", }, { db: "ZDI", id: "ZDI-19-607", }, { db: "ZDI", id: "ZDI-19-597", }, { db: "ZDI", id: "ZDI-19-618", }, { db: "ZDI", id: "ZDI-19-623", }, { db: "CNVD", id: "CNVD-2019-32473", }, { db: "CNNVD", id: "CNNVD-201906-1077", }, { db: "NVD", id: "CVE-2019-10993", }, ], }, id: "VAR-201906-1029", iot: { _id: null, data: true, sources: [ { db: "IVD", id: "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07", }, { db: "CNVD", id: "CNVD-2019-32473", }, ], trust: 1.34667458, }, iot_taxonomy: { _id: null, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07", }, { db: "CNVD", id: "CNVD-2019-32473", }, ], }, last_update_date: "2024-11-29T22:51:20.239000Z", patch: { _id: null, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 10.5, url: "https://www.us-cert.gov/ics/advisories/icsa-19-178-05", }, { title: "Patch for Advantech WebAccess/SCADA arbitrary code execution vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/181487", }, { title: "Advantech WebAccess/SCADA Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94180", }, ], sources: [ { db: "ZDI", id: "ZDI-19-599", }, { db: "ZDI", id: "ZDI-19-613", }, { db: "ZDI", id: "ZDI-19-610", }, { db: "ZDI", id: "ZDI-19-616", }, { db: "ZDI", id: "ZDI-19-606", }, { db: "ZDI", id: "ZDI-19-598", }, { db: "ZDI", id: "ZDI-19-609", }, { db: "ZDI", id: "ZDI-19-600", }, { db: "ZDI", id: "ZDI-19-593", }, { db: "ZDI", id: "ZDI-19-615", }, { db: "ZDI", id: "ZDI-19-601", }, { db: "ZDI", id: "ZDI-19-607", }, { db: "ZDI", id: "ZDI-19-597", }, { db: "ZDI", id: "ZDI-19-618", }, { db: "ZDI", id: "ZDI-19-623", }, { db: "CNVD", id: "CNVD-2019-32473", }, { db: "CNNVD", id: "CNNVD-201906-1077", }, ], }, problemtype_data: { _id: null, data: [ { problemtype: "CWE-119", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2019-10993", }, ], }, references: { _id: null, data: [ { trust: 12.1, url: "https://www.us-cert.gov/ics/advisories/icsa-19-178-05", }, { trust: 2.2, url: "https://www.zerodayinitiative.com/advisories/zdi-19-623/", }, { trust: 1.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-597/", }, { trust: 1.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-611/", }, { trust: 1.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-601/", }, { trust: 1.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-612/", }, { trust: 1.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-598/", }, { trust: 1.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-615/", }, { trust: 1.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-605/", }, { trust: 1.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-616/", }, { trust: 1.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-602/", }, { trust: 1.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-613/", }, { trust: 1.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-603/", }, { trust: 1.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-614/", }, { trust: 1.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-606/", }, { trust: 1.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-617/", }, { trust: 1.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-607/", }, { trust: 1.6, url: "https://www.zerodayinitiative.com/advisories/zdi-19-618/", }, { trust: 1.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-10993", }, { trust: 0.6, url: "http://webaccess.advantech.com", }, { trust: 0.6, url: "https://www.securityfocus.com/bid/108923", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2350/", }, ], sources: [ { db: "ZDI", id: "ZDI-19-599", }, { db: "ZDI", id: "ZDI-19-613", }, { db: "ZDI", id: "ZDI-19-610", }, { db: "ZDI", id: "ZDI-19-616", }, { db: "ZDI", id: "ZDI-19-606", }, { db: "ZDI", id: "ZDI-19-598", }, { db: "ZDI", id: "ZDI-19-609", }, { db: "ZDI", id: "ZDI-19-600", }, { db: "ZDI", id: "ZDI-19-593", }, { db: "ZDI", id: "ZDI-19-615", }, { db: "ZDI", id: "ZDI-19-601", }, { db: "ZDI", id: "ZDI-19-607", }, { db: "ZDI", id: "ZDI-19-597", }, { db: "ZDI", id: "ZDI-19-618", }, { db: "ZDI", id: "ZDI-19-623", }, { db: "CNVD", id: "CNVD-2019-32473", }, { db: "CNNVD", id: "CNNVD-201906-1077", }, { db: "NVD", id: "CVE-2019-10993", }, ], }, sources: { _id: null, data: [ { db: "IVD", id: "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07", ident: null, }, { db: "ZDI", id: "ZDI-19-599", ident: null, }, { db: "ZDI", id: "ZDI-19-613", ident: null, }, { db: "ZDI", id: "ZDI-19-610", ident: null, }, { db: "ZDI", id: "ZDI-19-616", ident: null, }, { db: "ZDI", id: "ZDI-19-606", ident: null, }, { db: "ZDI", id: "ZDI-19-598", ident: null, }, { db: "ZDI", id: "ZDI-19-609", ident: null, }, { db: "ZDI", id: "ZDI-19-600", ident: null, }, { db: "ZDI", id: "ZDI-19-593", ident: null, }, { db: "ZDI", id: "ZDI-19-615", ident: null, }, { db: "ZDI", id: "ZDI-19-601", ident: null, }, { db: "ZDI", id: "ZDI-19-607", ident: null, }, { db: "ZDI", id: "ZDI-19-597", ident: null, }, { db: "ZDI", id: "ZDI-19-618", ident: null, }, { db: "ZDI", id: "ZDI-19-623", ident: null, }, { db: "CNVD", id: "CNVD-2019-32473", ident: null, }, { db: "CNNVD", id: "CNNVD-201906-1077", ident: null, }, { db: "NVD", id: "CVE-2019-10993", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2019-09-21T00:00:00", db: "IVD", id: "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-599", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-613", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-610", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-616", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-606", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-598", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-609", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-600", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-593", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-615", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-601", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-607", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-597", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-618", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-623", ident: null, }, { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32473", ident: null, }, { date: "2019-06-27T00:00:00", db: "CNNVD", id: "CNNVD-201906-1077", ident: null, }, { date: "2019-06-28T21:15:11.353000", db: "NVD", id: "CVE-2019-10993", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-599", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-613", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-610", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-616", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-606", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-598", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-609", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-600", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-593", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-615", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-601", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-607", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-597", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-618", ident: null, }, { date: "2024-01-19T00:00:00", db: "ZDI", id: "ZDI-19-623", ident: null, }, { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32473", ident: null, }, { date: "2022-04-19T00:00:00", db: "CNNVD", id: "CNNVD-201906-1077", ident: null, }, { date: "2024-11-21T04:20:18.740000", db: "NVD", id: "CVE-2019-10993", ident: null, }, ], }, threat_type: { _id: null, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201906-1077", }, ], trust: 0.6, }, title: { _id: null, data: "Advantech WebAccess/SCADA Arbitrary code execution vulnerability", sources: [ { db: "IVD", id: "d5dcd84f-1aca-4dc3-ac16-d5c7c3dd4d07", }, { db: "CNVD", id: "CNVD-2019-32473", }, ], trust: 0.8, }, type: { _id: null, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-201906-1077", }, ], trust: 0.6, }, }
var-202005-1243
Vulnerability from variot
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of IOCTL 0x5218 in datacore.exe. The issue results from the lack of proper validation of user-supplied data, which can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess/scada", scope: null, trust: 0.7, vendor: "advantech", version: null, }, ], sources: [ { db: "ZDI", id: "ZDI-20-612", }, ], }, credits: { _id: null, data: "Z0mb1E", sources: [ { db: "ZDI", id: "ZDI-20-612", }, ], trust: 0.7, }, cvss: { _id: null, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "ZDI-20-612", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 0.7, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "ZDI", id: "ZDI-20-612", trust: 0.7, value: "CRITICAL", }, ], }, ], sources: [ { db: "ZDI", id: "ZDI-20-612", }, ], }, description: { _id: null, data: "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of IOCTL 0x5218 in datacore.exe. The issue results from the lack of proper validation of user-supplied data, which can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.", sources: [ { db: "ZDI", id: "ZDI-20-612", }, ], trust: 0.7, }, external_ids: { _id: null, data: [ { db: "ZDI_CAN", id: "ZDI-CAN-9948", trust: 0.7, }, { db: "ZDI", id: "ZDI-20-612", trust: 0.7, }, ], sources: [ { db: "ZDI", id: "ZDI-20-612", }, ], }, id: "VAR-202005-1243", iot: { _id: null, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.6405517, }, last_update_date: "2022-05-17T01:47:48.154000Z", patch: { _id: null, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, ], sources: [ { db: "ZDI", id: "ZDI-20-612", }, ], }, references: { _id: null, data: [ { trust: 0.7, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, ], sources: [ { db: "ZDI", id: "ZDI-20-612", }, ], }, sources: { _id: null, data: [ { db: "ZDI", id: "ZDI-20-612", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-612", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-612", ident: null, }, ], }, title: { _id: null, data: "Advantech WebAccess/SCADA DATACORE IOCTL 0x5218 Heap-based Buffer Overflow Remote Code Execution Vulnerability", sources: [ { db: "ZDI", id: "ZDI-20-612", }, ], trust: 0.7, }, }
var-202008-1300
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has a command execution vulnerability. Attackers can use the vulnerability to execute console commands.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1300", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48621", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "CNVD-2020-48621", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-48621", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48621", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has a command execution vulnerability. Attackers can use the vulnerability to execute console commands.", sources: [ { db: "CNVD", id: "CNVD-2020-48621", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-48621", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48621", }, ], }, id: "VAR-202008-1300", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-48621", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48621", }, ], }, last_update_date: "2022-05-04T09:21:41.945000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess SCADA wshom control IWshShell_Class class exec member has a command execution vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/225721", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48621", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-48621", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-28T00:00:00", db: "CNVD", id: "CNVD-2020-48621", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-27T00:00:00", db: "CNVD", id: "CNVD-2020-48621", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has command execution vulnerability (CNVD-2020-48621)", sources: [ { db: "CNVD", id: "CNVD-2020-48621", }, ], trust: 0.6, }, }
var-202103-0910
Vulnerability from variot
WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting, which may allow an attacker to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser actions. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment.
Advantech WebAccess/SCADA 9.0 and earlier versions have cross-site scripting vulnerabilities
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202103-0910", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess\\/scada", scope: "lte", trust: 1, vendor: "advantech", version: "9.0", }, { model: "webaccess/scada", scope: "lte", trust: 0.6, vendor: "advantech", version: "<=9.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-27809", }, { db: "NVD", id: "CVE-2021-27436", }, ], }, cve: "CVE-2021-27436", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CVE-2021-27436", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CNVD-2021-27809", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "VHN-386703", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2021-27436", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-27436", trust: 1, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2021-27809", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202103-1019", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-386703", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2021-27436", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-27809", }, { db: "VULHUB", id: "VHN-386703", }, { db: "VULMON", id: "CVE-2021-27436", }, { db: "CNNVD", id: "CNNVD-202103-1019", }, { db: "NVD", id: "CVE-2021-27436", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting, which may allow an attacker to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser actions. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment. \n\r\n\r\nAdvantech WebAccess/SCADA 9.0 and earlier versions have cross-site scripting vulnerabilities", sources: [ { db: "NVD", id: "CVE-2021-27436", }, { db: "CNVD", id: "CNVD-2021-27809", }, { db: "VULHUB", id: "VHN-386703", }, { db: "VULMON", id: "CVE-2021-27436", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "ICS CERT", id: "ICSA-21-075-01", trust: 2.4, }, { db: "NVD", id: "CVE-2021-27436", trust: 2.4, }, { db: "CNNVD", id: "CNNVD-202103-1019", trust: 0.7, }, { db: "CNVD", id: "CNVD-2021-27809", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.0939", trust: 0.6, }, { db: "VULHUB", id: "VHN-386703", trust: 0.1, }, { db: "VULMON", id: "CVE-2021-27436", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-27809", }, { db: "VULHUB", id: "VHN-386703", }, { db: "VULMON", id: "CVE-2021-27436", }, { db: "CNNVD", id: "CNNVD-202103-1019", }, { db: "NVD", id: "CVE-2021-27436", }, ], }, id: "VAR-202103-0910", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-27809", }, { db: "VULHUB", id: "VHN-386703", }, ], trust: 1.3586421999999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-27809", }, ], }, last_update_date: "2024-11-23T22:40:42.451000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for Advantech WebAccess/SCADA cross-site scripting vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/257466", }, { title: "Advantech Advantech WebAccess/SCADA Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=145471", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-27809", }, { db: "CNNVD", id: "CNNVD-202103-1019", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1.1, }, ], sources: [ { db: "VULHUB", id: "VHN-386703", }, { db: "NVD", id: "CVE-2021-27436", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-075-01", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.0939", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2021-27436", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/79.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-27809", }, { db: "VULHUB", id: "VHN-386703", }, { db: "VULMON", id: "CVE-2021-27436", }, { db: "CNNVD", id: "CNNVD-202103-1019", }, { db: "NVD", id: "CVE-2021-27436", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-27809", }, { db: "VULHUB", id: "VHN-386703", }, { db: "VULMON", id: "CVE-2021-27436", }, { db: "CNNVD", id: "CNNVD-202103-1019", }, { db: "NVD", id: "CVE-2021-27436", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-11T00:00:00", db: "CNVD", id: "CNVD-2021-27809", }, { date: "2021-03-18T00:00:00", db: "VULHUB", id: "VHN-386703", }, { date: "2021-03-18T00:00:00", db: "VULMON", id: "CVE-2021-27436", }, { date: "2021-03-16T00:00:00", db: "CNNVD", id: "CNNVD-202103-1019", }, { date: "2021-03-18T22:15:13.617000", db: "NVD", id: "CVE-2021-27436", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-13T00:00:00", db: "CNVD", id: "CNVD-2021-27809", }, { date: "2021-03-25T00:00:00", db: "VULHUB", id: "VHN-386703", }, { date: "2021-03-25T00:00:00", db: "VULMON", id: "CVE-2021-27436", }, { date: "2021-03-29T00:00:00", db: "CNNVD", id: "CNNVD-202103-1019", }, { date: "2024-11-21T05:57:59.240000", db: "NVD", id: "CVE-2021-27436", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202103-1019", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA cross-site scripting vulnerability", sources: [ { db: "CNVD", id: "CNVD-2021-27809", }, { db: "CNNVD", id: "CNNVD-202103-1019", }, ], trust: 1.2, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202103-1019", }, ], trust: 0.6, }, }
var-202011-1548
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202011-1548", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58467", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2020-58467", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-58467", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58467", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has an arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.", sources: [ { db: "CNVD", id: "CNVD-2020-58467", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-58467", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58467", }, ], }, id: "VAR-202011-1548", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-58467", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58467", }, ], }, last_update_date: "2022-05-04T09:37:58.109000Z", sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-58467", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-11-28T00:00:00", db: "CNVD", id: "CNVD-2020-58467", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-25T00:00:00", db: "CNVD", id: "CNVD-2020-58467", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability (CNVD-2020-58467)", sources: [ { db: "CNVD", id: "CNVD-2020-58467", }, ], trust: 0.6, }, }
var-201904-0334
Vulnerability from variot
Advantech WebAccess 8.3.4 allows unauthenticated, remote attackers to delete arbitrary files via IOCTL 10005 RPC. Advantech WebAccess Contains an access control vulnerability.Information may be tampered with. Advantech WebAccess is a browser-based HMI/SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities: 1. An arbitrary file-download vulnerability 2. An arbitrary file-upload vulnerability An attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files and perform certain unauthorized actions. This may aid in further attacks. Advantech WebAccess 8.3.4 is vulnerable; other versions may also be affected. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201904-0334", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess", scope: "eq", trust: 2.4, vendor: "advantech", version: "8.3.4", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.4", }, { model: "webaccess/scada", scope: "ne", trust: 0.3, vendor: "advantech", version: "8.3.5", }, { model: null, scope: "eq", trust: 0.2, vendor: "webaccess", version: "8.3.4", }, ], sources: [ { db: "IVD", id: "977c7fa4-f2fa-4903-84f3-e97660225d1f", }, { db: "CNVD", id: "CNVD-2019-32475", }, { db: "BID", id: "107847", }, { db: "JVNDB", id: "JVNDB-2019-003250", }, { db: "NVD", id: "CVE-2019-3941", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-003250", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Tenable", sources: [ { db: "BID", id: "107847", }, { db: "CNNVD", id: "CNNVD-201904-479", }, ], trust: 0.9, }, cve: "CVE-2019-3941", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2019-3941", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2019-32475", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "977c7fa4-f2fa-4903-84f3-e97660225d1f", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "VHN-155376", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:N/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2019-3941", impactScore: 3.6, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-3941", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2019-3941", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2019-32475", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201904-479", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "977c7fa4-f2fa-4903-84f3-e97660225d1f", trust: 0.2, value: "HIGH", }, { author: "VULHUB", id: "VHN-155376", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "977c7fa4-f2fa-4903-84f3-e97660225d1f", }, { db: "CNVD", id: "CNVD-2019-32475", }, { db: "VULHUB", id: "VHN-155376", }, { db: "JVNDB", id: "JVNDB-2019-003250", }, { db: "CNNVD", id: "CNNVD-201904-479", }, { db: "NVD", id: "CVE-2019-3941", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess 8.3.4 allows unauthenticated, remote attackers to delete arbitrary files via IOCTL 10005 RPC. Advantech WebAccess Contains an access control vulnerability.Information may be tampered with. Advantech WebAccess is a browser-based HMI/SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities:\n1. An arbitrary file-download vulnerability\n2. An arbitrary file-upload vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files and perform certain unauthorized actions. This may aid in further attacks. \nAdvantech WebAccess 8.3.4 is vulnerable; other versions may also be affected. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles", sources: [ { db: "NVD", id: "CVE-2019-3941", }, { db: "JVNDB", id: "JVNDB-2019-003250", }, { db: "CNVD", id: "CNVD-2019-32475", }, { db: "BID", id: "107847", }, { db: "IVD", id: "977c7fa4-f2fa-4903-84f3-e97660225d1f", }, { db: "VULHUB", id: "VHN-155376", }, ], trust: 2.7, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-3941", trust: 3.6, }, { db: "TENABLE", id: "TRA-2019-15", trust: 3.4, }, { db: "BID", id: "107847", trust: 2, }, { db: "CNNVD", id: "CNNVD-201904-479", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-32475", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-003250", trust: 0.8, }, { db: "IVD", id: "977C7FA4-F2FA-4903-84F3-E97660225D1F", trust: 0.2, }, { db: "VULHUB", id: "VHN-155376", trust: 0.1, }, ], sources: [ { db: "IVD", id: "977c7fa4-f2fa-4903-84f3-e97660225d1f", }, { db: "CNVD", id: "CNVD-2019-32475", }, { db: "VULHUB", id: "VHN-155376", }, { db: "BID", id: "107847", }, { db: "JVNDB", id: "JVNDB-2019-003250", }, { db: "CNNVD", id: "CNNVD-201904-479", }, { db: "NVD", id: "CVE-2019-3941", }, ], }, id: "VAR-201904-0334", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "977c7fa4-f2fa-4903-84f3-e97660225d1f", }, { db: "CNVD", id: "CNVD-2019-32475", }, { db: "VULHUB", id: "VHN-155376", }, ], trust: 1.4466745799999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "977c7fa4-f2fa-4903-84f3-e97660225d1f", }, { db: "CNVD", id: "CNVD-2019-32475", }, ], }, last_update_date: "2024-11-23T22:12:06.897000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess", trust: 0.8, url: "https://www.advantech.co.jp/industrial-automation/webaccess", }, { title: "Advantech WebAccess Access Control Error Vulnerability Patch", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/181483", }, { title: "Advantech WebAccess Fixes for access control error vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91306", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-32475", }, { db: "JVNDB", id: "JVNDB-2019-003250", }, { db: "CNNVD", id: "CNNVD-201904-479", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-306", trust: 1.1, }, { problemtype: "CWE-284", trust: 0.9, }, ], sources: [ { db: "VULHUB", id: "VHN-155376", }, { db: "JVNDB", id: "JVNDB-2019-003250", }, { db: "NVD", id: "CVE-2019-3941", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.4, url: "https://www.tenable.com/security/research/tra-2019-15", }, { trust: 2.3, url: "http://www.securityfocus.com/bid/107847", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-3941", }, { trust: 0.9, url: "http://webaccess.advantech.com", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3941", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-32475", }, { db: "VULHUB", id: "VHN-155376", }, { db: "BID", id: "107847", }, { db: "JVNDB", id: "JVNDB-2019-003250", }, { db: "CNNVD", id: "CNNVD-201904-479", }, { db: "NVD", id: "CVE-2019-3941", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "977c7fa4-f2fa-4903-84f3-e97660225d1f", }, { db: "CNVD", id: "CNVD-2019-32475", }, { db: "VULHUB", id: "VHN-155376", }, { db: "BID", id: "107847", }, { db: "JVNDB", id: "JVNDB-2019-003250", }, { db: "CNNVD", id: "CNNVD-201904-479", }, { db: "NVD", id: "CVE-2019-3941", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-09-21T00:00:00", db: "IVD", id: "977c7fa4-f2fa-4903-84f3-e97660225d1f", }, { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32475", }, { date: "2019-04-09T00:00:00", db: "VULHUB", id: "VHN-155376", }, { date: "2019-04-03T00:00:00", db: "BID", id: "107847", }, { date: "2019-05-13T00:00:00", db: "JVNDB", id: "JVNDB-2019-003250", }, { date: "2019-04-09T00:00:00", db: "CNNVD", id: "CNNVD-201904-479", }, { date: "2019-04-09T16:29:02.147000", db: "NVD", id: "CVE-2019-3941", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32475", }, { date: "2020-08-24T00:00:00", db: "VULHUB", id: "VHN-155376", }, { date: "2019-04-03T00:00:00", db: "BID", id: "107847", }, { date: "2019-05-13T00:00:00", db: "JVNDB", id: "JVNDB-2019-003250", }, { date: "2020-08-25T00:00:00", db: "CNNVD", id: "CNNVD-201904-479", }, { date: "2024-11-21T04:42:54.673000", db: "NVD", id: "CVE-2019-3941", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201904-479", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess Access Control Error Vulnerability", sources: [ { db: "IVD", id: "977c7fa4-f2fa-4903-84f3-e97660225d1f", }, { db: "CNVD", id: "CNVD-2019-32475", }, { db: "CNNVD", id: "CNNVD-201904-479", }, ], trust: 1.4, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Access control error", sources: [ { db: "IVD", id: "977c7fa4-f2fa-4903-84f3-e97660225d1f", }, { db: "CNNVD", id: "CNNVD-201904-479", }, ], trust: 0.8, }, }
var-202005-0337
Vulnerability from variot
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Input is not properly sanitized and may allow an attacker to inject SQL commands. Advantech WebAccess Node To SQL An injection vulnerability exists.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x00013c71 in BwWebSvc.dll. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required. The vulnerability is caused by the program not properly sanitizing user input
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess/scada", scope: null, trust: 2.1, vendor: "advantech", version: null, }, { _id: null, model: "webaccess", scope: "eq", trust: 1.9, vendor: "advantech", version: "9.0.0", }, { _id: null, model: "webaccess", scope: "lte", trust: 1, vendor: "advantech", version: "8.4.4", }, { _id: null, model: "webaccess", scope: "eq", trust: 0.9, vendor: "advantech", version: "8.4.4", }, { _id: null, model: "webaccess node", scope: "gte", trust: 0.6, vendor: "advantech", version: "8.4.4", }, { _id: null, model: "webaccess node", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, { _id: null, model: null, scope: "eq", trust: 0.4, vendor: "webaccess", version: "*", }, { _id: null, model: null, scope: "eq", trust: 0.4, vendor: "webaccess", version: "9.0.0", }, ], sources: [ { db: "IVD", id: "c69f120f-13c6-4366-bc67-15c6b3fa728e", }, { db: "IVD", id: "dc75839d-760d-4e08-87b4-f1096616019c", }, { db: "ZDI", id: "ZDI-20-615", }, { db: "ZDI", id: "ZDI-20-613", }, { db: "ZDI", id: "ZDI-20-614", }, { db: "CNVD", id: "CNVD-2020-29741", }, { db: "VULMON", id: "CVE-2020-12014", }, { db: "JVNDB", id: "JVNDB-2020-005144", }, { db: "NVD", id: "CVE-2020-12014", }, ], }, configurations: { _id: null, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-005144", }, ], }, credits: { _id: null, data: "Z0mb1E", sources: [ { db: "ZDI", id: "ZDI-20-615", }, { db: "ZDI", id: "ZDI-20-613", }, { db: "ZDI", id: "ZDI-20-614", }, ], trust: 2.1, }, cve: "CVE-2020-12014", cvss: { _id: null, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2020-12014", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "JVNDB-2020-005144", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2020-29741", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "c69f120f-13c6-4366-bc67-15c6b3fa728e", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "dc75839d-760d-4e08-87b4-f1096616019c", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-164650", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2020-12014", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2.1, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2020-12014", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-005144", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, ], severity: [ { author: "ZDI", id: "CVE-2020-12014", trust: 2.1, value: "HIGH", }, { author: "nvd@nist.gov", id: "CVE-2020-12014", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-005144", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-29741", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202005-299", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "c69f120f-13c6-4366-bc67-15c6b3fa728e", trust: 0.2, value: "HIGH", }, { author: "IVD", id: "dc75839d-760d-4e08-87b4-f1096616019c", trust: 0.2, value: "HIGH", }, { author: "VULHUB", id: "VHN-164650", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2020-12014", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "c69f120f-13c6-4366-bc67-15c6b3fa728e", }, { db: "IVD", id: "dc75839d-760d-4e08-87b4-f1096616019c", }, { db: "ZDI", id: "ZDI-20-615", }, { db: "ZDI", id: "ZDI-20-613", }, { db: "ZDI", id: "ZDI-20-614", }, { db: "CNVD", id: "CNVD-2020-29741", }, { db: "VULHUB", id: "VHN-164650", }, { db: "VULMON", id: "CVE-2020-12014", }, { db: "JVNDB", id: "JVNDB-2020-005144", }, { db: "CNNVD", id: "CNNVD-202005-299", }, { db: "NVD", id: "CVE-2020-12014", }, ], }, description: { _id: null, data: "Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Input is not properly sanitized and may allow an attacker to inject SQL commands. Advantech WebAccess Node To SQL An injection vulnerability exists.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x00013c71 in BwWebSvc.dll. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required. The vulnerability is caused by the program not properly sanitizing user input", sources: [ { db: "NVD", id: "CVE-2020-12014", }, { db: "JVNDB", id: "JVNDB-2020-005144", }, { db: "ZDI", id: "ZDI-20-615", }, { db: "ZDI", id: "ZDI-20-613", }, { db: "ZDI", id: "ZDI-20-614", }, { db: "CNVD", id: "CNVD-2020-29741", }, { db: "IVD", id: "c69f120f-13c6-4366-bc67-15c6b3fa728e", }, { db: "IVD", id: "dc75839d-760d-4e08-87b4-f1096616019c", }, { db: "VULHUB", id: "VHN-164650", }, { db: "VULMON", id: "CVE-2020-12014", }, ], trust: 4.59, }, external_ids: { _id: null, data: [ { db: "NVD", id: "CVE-2020-12014", trust: 5.7, }, { db: "ICS CERT", id: "ICSA-20-128-01", trust: 3.2, }, { db: "ZDI", id: "ZDI-20-613", trust: 2.5, }, { db: "ZDI", id: "ZDI-20-615", trust: 1.4, }, { db: "CNVD", id: "CNVD-2020-29741", trust: 1.1, }, { db: "CNNVD", id: "CNNVD-202005-299", trust: 1.1, }, { db: "ZDI", id: "ZDI-20-614", trust: 0.8, }, { db: "JVN", id: "JVNVU93292753", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2020-005144", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-9884", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9882", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9883", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2020.1646", trust: 0.6, }, { db: "NSFOCUS", id: "47352", trust: 0.6, }, { db: "IVD", id: "C69F120F-13C6-4366-BC67-15C6B3FA728E", trust: 0.2, }, { db: "IVD", id: "DC75839D-760D-4E08-87B4-F1096616019C", trust: 0.2, }, { db: "VULHUB", id: "VHN-164650", trust: 0.1, }, { db: "VULMON", id: "CVE-2020-12014", trust: 0.1, }, ], sources: [ { db: "IVD", id: "c69f120f-13c6-4366-bc67-15c6b3fa728e", }, { db: "IVD", id: "dc75839d-760d-4e08-87b4-f1096616019c", }, { db: "ZDI", id: "ZDI-20-615", }, { db: "ZDI", id: "ZDI-20-613", }, { db: "ZDI", id: "ZDI-20-614", }, { db: "CNVD", id: "CNVD-2020-29741", }, { db: "VULHUB", id: "VHN-164650", }, { db: "VULMON", id: "CVE-2020-12014", }, { db: "JVNDB", id: "JVNDB-2020-005144", }, { db: "CNNVD", id: "CNNVD-202005-299", }, { db: "NVD", id: "CVE-2020-12014", }, ], }, id: "VAR-202005-0337", iot: { _id: null, data: true, sources: [ { db: "IVD", id: "c69f120f-13c6-4366-bc67-15c6b3fa728e", }, { db: "IVD", id: "dc75839d-760d-4e08-87b4-f1096616019c", }, { db: "CNVD", id: "CNVD-2020-29741", }, { db: "VULHUB", id: "VHN-164650", }, ], trust: 1.679503486666667, }, iot_taxonomy: { _id: null, data: [ { category: [ "ICS", ], sub_category: null, trust: 1, }, ], sources: [ { db: "IVD", id: "c69f120f-13c6-4366-bc67-15c6b3fa728e", }, { db: "IVD", id: "dc75839d-760d-4e08-87b4-f1096616019c", }, { db: "CNVD", id: "CNVD-2020-29741", }, ], }, last_update_date: "2024-11-23T21:59:18.257000Z", patch: { _id: null, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 2.1, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, { title: "Top Page", trust: 0.8, url: "https://www.advantech.com/", }, { title: "Patch for Advantech WebAccess Node SQL injection vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/218849", }, { title: "Advantech WebAccess Node SQL Repair measures for injecting vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=118218", }, ], sources: [ { db: "ZDI", id: "ZDI-20-615", }, { db: "ZDI", id: "ZDI-20-613", }, { db: "ZDI", id: "ZDI-20-614", }, { db: "CNVD", id: "CNVD-2020-29741", }, { db: "JVNDB", id: "JVNDB-2020-005144", }, { db: "CNNVD", id: "CNNVD-202005-299", }, ], }, problemtype_data: { _id: null, data: [ { problemtype: "CWE-89", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-164650", }, { db: "JVNDB", id: "JVNDB-2020-005144", }, { db: "NVD", id: "CVE-2020-12014", }, ], }, references: { _id: null, data: [ { trust: 3.8, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-01", }, { trust: 2.1, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, { trust: 1.8, url: "https://www.zerodayinitiative.com/advisories/zdi-20-613/", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-12014", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12014", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu93292753/", }, { trust: 0.7, url: "https://www.zerodayinitiative.com/advisories/zdi-20-615/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.1646/", }, { trust: 0.6, url: "http://www.nsfocus.net/vulndb/47352", }, { trust: 0.1, url: "https://www.zerodayinitiative.com/advisories/zdi-20-614/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/89.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/181600", }, ], sources: [ { db: "ZDI", id: "ZDI-20-615", }, { db: "ZDI", id: "ZDI-20-613", }, { db: "ZDI", id: "ZDI-20-614", }, { db: "CNVD", id: "CNVD-2020-29741", }, { db: "VULHUB", id: "VHN-164650", }, { db: "VULMON", id: "CVE-2020-12014", }, { db: "JVNDB", id: "JVNDB-2020-005144", }, { db: "CNNVD", id: "CNNVD-202005-299", }, { db: "NVD", id: "CVE-2020-12014", }, ], }, sources: { _id: null, data: [ { db: "IVD", id: "c69f120f-13c6-4366-bc67-15c6b3fa728e", ident: null, }, { db: "IVD", id: "dc75839d-760d-4e08-87b4-f1096616019c", ident: null, }, { db: "ZDI", id: "ZDI-20-615", ident: null, }, { db: "ZDI", id: "ZDI-20-613", ident: null, }, { db: "ZDI", id: "ZDI-20-614", ident: null, }, { db: "CNVD", id: "CNVD-2020-29741", ident: null, }, { db: "VULHUB", id: "VHN-164650", ident: null, }, { db: "VULMON", id: "CVE-2020-12014", ident: null, }, { db: "JVNDB", id: "JVNDB-2020-005144", ident: null, }, { db: "CNNVD", id: "CNNVD-202005-299", ident: null, }, { db: "NVD", id: "CVE-2020-12014", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2020-05-07T00:00:00", db: "IVD", id: "c69f120f-13c6-4366-bc67-15c6b3fa728e", ident: null, }, { date: "2020-05-07T00:00:00", db: "IVD", id: "dc75839d-760d-4e08-87b4-f1096616019c", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-615", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-613", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-614", ident: null, }, { date: "2020-05-25T00:00:00", db: "CNVD", id: "CNVD-2020-29741", ident: null, }, { date: "2020-05-08T00:00:00", db: "VULHUB", id: "VHN-164650", ident: null, }, { date: "2020-05-08T00:00:00", db: "VULMON", id: "CVE-2020-12014", ident: null, }, { date: "2020-06-08T00:00:00", db: "JVNDB", id: "JVNDB-2020-005144", ident: null, }, { date: "2020-05-07T00:00:00", db: "CNNVD", id: "CNNVD-202005-299", ident: null, }, { date: "2020-05-08T12:15:11.253000", db: "NVD", id: "CVE-2020-12014", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-615", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-613", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-614", ident: null, }, { date: "2020-05-25T00:00:00", db: "CNVD", id: "CNVD-2020-29741", ident: null, }, { date: "2020-05-11T00:00:00", db: "VULHUB", id: "VHN-164650", ident: null, }, { date: "2020-05-11T00:00:00", db: "VULMON", id: "CVE-2020-12014", ident: null, }, { date: "2020-06-08T00:00:00", db: "JVNDB", id: "JVNDB-2020-005144", ident: null, }, { date: "2020-12-31T00:00:00", db: "CNNVD", id: "CNNVD-202005-299", ident: null, }, { date: "2024-11-21T04:59:07.050000", db: "NVD", id: "CVE-2020-12014", ident: null, }, ], }, threat_type: { _id: null, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202005-299", }, ], trust: 0.6, }, title: { _id: null, data: "Advantech WebAccess Node SQL injection vulnerability", sources: [ { db: "CNVD", id: "CNVD-2020-29741", }, { db: "CNNVD", id: "CNNVD-202005-299", }, ], trust: 1.2, }, type: { _id: null, data: "SQL injection", sources: [ { db: "IVD", id: "c69f120f-13c6-4366-bc67-15c6b3fa728e", }, { db: "IVD", id: "dc75839d-760d-4e08-87b4-f1096616019c", }, { db: "CNNVD", id: "CNNVD-202005-299", }, ], trust: 1, }, }
var-202011-1540
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202011-1540", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58464", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2020-58464", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-58464", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58464", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has an arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.", sources: [ { db: "CNVD", id: "CNVD-2020-58464", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-58464", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58464", }, ], }, id: "VAR-202011-1540", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-58464", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-58464", }, ], }, last_update_date: "2022-05-04T10:10:46Z", sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-58464", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-11-28T00:00:00", db: "CNVD", id: "CNVD-2020-58464", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-25T00:00:00", db: "CNVD", id: "CNVD-2020-58464", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability (CNVD-2020-58464)", sources: [ { db: "CNVD", id: "CNVD-2020-58464", }, ], trust: 0.6, }, }
var-201902-0123
Vulnerability from variot
WebAccess/SCADA, Version 8.3. Specially crafted requests could allow a possible authentication bypass that could allow an attacker to obtain and manipulate sensitive information. WebAccess/SCADA Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following vulnerabilities: 1. Multiple authentication-bypass vulnerabilities 2. An SQL-injection vulnerability An attacker can exploit these issues to bypass certain security restrictions, perform unauthorized actions, modify the logic of SQL queries, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201902-0123", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 1.7, vendor: "advantech", version: "8.3", }, { model: "webaccess\\/scada", scope: "eq", trust: 1, vendor: "advantech", version: "8.3", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.4", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.2", }, { model: "webaccess/scada", scope: "ne", trust: 0.3, vendor: "advantech", version: "8.3.5", }, { model: null, scope: "eq", trust: 0.2, vendor: "webaccess scada", version: "8.3", }, ], sources: [ { db: "IVD", id: "a390dd39-1c31-478b-bff6-c1d917a3e87d", }, { db: "CNVD", id: "CNVD-2019-32479", }, { db: "BID", id: "106722", }, { db: "JVNDB", id: "JVNDB-2019-001597", }, { db: "NVD", id: "CVE-2019-6521", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess%2Fscada", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-001597", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Devesh Logendran from Attila Cybertech Pte. Ltd.", sources: [ { db: "BID", id: "106722", }, { db: "CNNVD", id: "CNNVD-201901-889", }, ], trust: 0.9, }, cve: "CVE-2019-6521", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2019-6521", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2019-32479", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "a390dd39-1c31-478b-bff6-c1d917a3e87d", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-157956", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "LOW", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-6521", impactScore: 4.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-6521", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2019-6521", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2019-32479", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201901-889", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "a390dd39-1c31-478b-bff6-c1d917a3e87d", trust: 0.2, value: "HIGH", }, { author: "VULHUB", id: "VHN-157956", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "a390dd39-1c31-478b-bff6-c1d917a3e87d", }, { db: "CNVD", id: "CNVD-2019-32479", }, { db: "VULHUB", id: "VHN-157956", }, { db: "JVNDB", id: "JVNDB-2019-001597", }, { db: "CNNVD", id: "CNNVD-201901-889", }, { db: "NVD", id: "CVE-2019-6521", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "WebAccess/SCADA, Version 8.3. Specially crafted requests could allow a possible authentication bypass that could allow an attacker to obtain and manipulate sensitive information. WebAccess/SCADA Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following vulnerabilities:\n1. Multiple authentication-bypass vulnerabilities\n2. An SQL-injection vulnerability\nAn attacker can exploit these issues to bypass certain security restrictions, perform unauthorized actions, modify the logic of SQL queries, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database", sources: [ { db: "NVD", id: "CVE-2019-6521", }, { db: "JVNDB", id: "JVNDB-2019-001597", }, { db: "CNVD", id: "CNVD-2019-32479", }, { db: "BID", id: "106722", }, { db: "IVD", id: "a390dd39-1c31-478b-bff6-c1d917a3e87d", }, { db: "VULHUB", id: "VHN-157956", }, ], trust: 2.7, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-6521", trust: 3.6, }, { db: "ICS CERT", id: "ICSA-19-024-01", trust: 2.8, }, { db: "BID", id: "106722", trust: 2, }, { db: "CNNVD", id: "CNNVD-201901-889", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-32479", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-001597", trust: 0.8, }, { db: "ICS CERT", id: "ICSA-19-024-01T", trust: 0.6, }, { db: "IVD", id: "A390DD39-1C31-478B-BFF6-C1D917A3E87D", trust: 0.2, }, { db: "VULHUB", id: "VHN-157956", trust: 0.1, }, ], sources: [ { db: "IVD", id: "a390dd39-1c31-478b-bff6-c1d917a3e87d", }, { db: "CNVD", id: "CNVD-2019-32479", }, { db: "VULHUB", id: "VHN-157956", }, { db: "BID", id: "106722", }, { db: "JVNDB", id: "JVNDB-2019-001597", }, { db: "CNNVD", id: "CNNVD-201901-889", }, { db: "NVD", id: "CVE-2019-6521", }, ], }, id: "VAR-201902-0123", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "a390dd39-1c31-478b-bff6-c1d917a3e87d", }, { db: "CNVD", id: "CNVD-2019-32479", }, { db: "VULHUB", id: "VHN-157956", }, ], trust: 1.5586422, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "a390dd39-1c31-478b-bff6-c1d917a3e87d", }, { db: "CNVD", id: "CNVD-2019-32479", }, ], }, last_update_date: "2024-11-23T22:37:55.477000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Top Page", trust: 0.8, url: "https://www.advantech.com/", }, { title: "Patch for Advantech WebAccess/SCADA Authorization Issue Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/181477", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-32479", }, { db: "JVNDB", id: "JVNDB-2019-001597", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-287", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-157956", }, { db: "JVNDB", id: "JVNDB-2019-001597", }, { db: "NVD", id: "CVE-2019-6521", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.8, url: "https://ics-cert.us-cert.gov/advisories/icsa-19-024-01", }, { trust: 1.7, url: "http://www.securityfocus.com/bid/106722", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-6521", }, { trust: 0.9, url: "https://support.advantech.com/support/downloadsrdetail_new.aspx?sr_id=1-ms9mjv&doc_source=download", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6521", }, { trust: 0.6, url: "https://ics-cert.us-cert.gov/advisories/icsa-19-024-01third party advisoryus government resource", }, { trust: 0.6, url: "http://www.securityfocus.com/bid/106722third party advisoryvdb entry", }, { trust: 0.3, url: "https://www.advantech.com/", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-32479", }, { db: "VULHUB", id: "VHN-157956", }, { db: "BID", id: "106722", }, { db: "JVNDB", id: "JVNDB-2019-001597", }, { db: "CNNVD", id: "CNNVD-201901-889", }, { db: "NVD", id: "CVE-2019-6521", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "a390dd39-1c31-478b-bff6-c1d917a3e87d", }, { db: "CNVD", id: "CNVD-2019-32479", }, { db: "VULHUB", id: "VHN-157956", }, { db: "BID", id: "106722", }, { db: "JVNDB", id: "JVNDB-2019-001597", }, { db: "CNNVD", id: "CNNVD-201901-889", }, { db: "NVD", id: "CVE-2019-6521", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-09-21T00:00:00", db: "IVD", id: "a390dd39-1c31-478b-bff6-c1d917a3e87d", }, { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32479", }, { date: "2019-02-05T00:00:00", db: "VULHUB", id: "VHN-157956", }, { date: "2019-01-24T00:00:00", db: "BID", id: "106722", }, { date: "2019-03-15T00:00:00", db: "JVNDB", id: "JVNDB-2019-001597", }, { date: "2019-01-25T00:00:00", db: "CNNVD", id: "CNNVD-201901-889", }, { date: "2019-02-05T21:29:00.800000", db: "NVD", id: "CVE-2019-6521", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32479", }, { date: "2019-02-06T00:00:00", db: "VULHUB", id: "VHN-157956", }, { date: "2019-01-24T00:00:00", db: "BID", id: "106722", }, { date: "2019-03-15T00:00:00", db: "JVNDB", id: "JVNDB-2019-001597", }, { date: "2019-04-01T00:00:00", db: "CNNVD", id: "CNNVD-201901-889", }, { date: "2024-11-21T04:46:37.157000", db: "NVD", id: "CVE-2019-6521", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201901-889", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA Authorization Issue Vulnerability", sources: [ { db: "IVD", id: "a390dd39-1c31-478b-bff6-c1d917a3e87d", }, { db: "CNVD", id: "CNVD-2019-32479", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "authorization issue", sources: [ { db: "CNNVD", id: "CNNVD-201901-889", }, ], trust: 0.6, }, }
var-202006-1889
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Chinese company Advantech (Advantech).
There is a denial of service vulnerability in Advantech WebAccess/SCADA, which can be exploited by an attacker to cause the program to crash.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1889", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29404", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2020-29404", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-29404", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29404", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Chinese company Advantech (Advantech).\n\r\n\r\nThere is a denial of service vulnerability in Advantech WebAccess/SCADA, which can be exploited by an attacker to cause the program to crash.", sources: [ { db: "CNVD", id: "CNVD-2020-29404", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-29404", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29404", }, ], }, id: "VAR-202006-1889", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-29404", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29404", }, ], }, last_update_date: "2022-05-04T09:38:08.294000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess SCADA bwmciw file has system command injection vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/216133", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29404", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-29404", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-11T00:00:00", db: "CNVD", id: "CNVD-2020-29404", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-28T00:00:00", db: "CNVD", id: "CNVD-2020-29404", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has a denial of service vulnerability", sources: [ { db: "CNVD", id: "CNVD-2020-29404", }, ], trust: 0.6, }, }
var-201906-0329
Vulnerability from variot
Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.0 allows a remote, unauthenticated attacker to execute arbitrary code by sending a crafted IOCTL 10012 RPC call. Advantech WebAccess/SCADA Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. AdvantechWebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A stack-based buffer overflow vulnerability exists in AdvantechWebAccess/SCADA version 8.4.0. The vulnerability stems from a network system or product that does not properly validate data boundaries when performing operations on memory, causing erroneous read and write operations to be performed on other associated memory locations. An attacker could exploit the vulnerability to cause a buffer overflow or heap overflow
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201906-0329", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess", scope: "eq", trust: 1.8, vendor: "advantech", version: "8.4.0", }, { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "8.4.0", }, { model: null, scope: "eq", trust: 0.2, vendor: "webaccess", version: "8.4.0", }, ], sources: [ { db: "IVD", id: "fa262f58-bb0d-42b5-8fe7-ab4f4fa95260", }, { db: "CNVD", id: "CNVD-2019-18756", }, { db: "JVNDB", id: "JVNDB-2019-005593", }, { db: "NVD", id: "CVE-2019-3953", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-005593", }, ], }, cve: "CVE-2019-3953", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2019-3953", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2019-18756", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "fa262f58-bb0d-42b5-8fe7-ab4f4fa95260", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-155388", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-3953", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-3953", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2019-3953", trust: 0.8, value: "Critical", }, { author: "CNVD", id: "CNVD-2019-18756", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201906-719", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "fa262f58-bb0d-42b5-8fe7-ab4f4fa95260", trust: 0.2, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-155388", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "fa262f58-bb0d-42b5-8fe7-ab4f4fa95260", }, { db: "CNVD", id: "CNVD-2019-18756", }, { db: "VULHUB", id: "VHN-155388", }, { db: "JVNDB", id: "JVNDB-2019-005593", }, { db: "CNNVD", id: "CNNVD-201906-719", }, { db: "NVD", id: "CVE-2019-3953", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.0 allows a remote, unauthenticated attacker to execute arbitrary code by sending a crafted IOCTL 10012 RPC call. Advantech WebAccess/SCADA Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. AdvantechWebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A stack-based buffer overflow vulnerability exists in AdvantechWebAccess/SCADA version 8.4.0. The vulnerability stems from a network system or product that does not properly validate data boundaries when performing operations on memory, causing erroneous read and write operations to be performed on other associated memory locations. An attacker could exploit the vulnerability to cause a buffer overflow or heap overflow", sources: [ { db: "NVD", id: "CVE-2019-3953", }, { db: "JVNDB", id: "JVNDB-2019-005593", }, { db: "CNVD", id: "CNVD-2019-18756", }, { db: "IVD", id: "fa262f58-bb0d-42b5-8fe7-ab4f4fa95260", }, { db: "VULHUB", id: "VHN-155388", }, ], trust: 2.43, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-3953", trust: 3.3, }, { db: "TENABLE", id: "TRA-2019-28", trust: 2.4, }, { db: "TENABLE", id: "TRA-2019-17", trust: 2.3, }, { db: "CNNVD", id: "CNNVD-201906-719", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-18756", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-005593", trust: 0.8, }, { db: "IVD", id: "FA262F58-BB0D-42B5-8FE7-AB4F4FA95260", trust: 0.2, }, { db: "VULHUB", id: "VHN-155388", trust: 0.1, }, ], sources: [ { db: "IVD", id: "fa262f58-bb0d-42b5-8fe7-ab4f4fa95260", }, { db: "CNVD", id: "CNVD-2019-18756", }, { db: "VULHUB", id: "VHN-155388", }, { db: "JVNDB", id: "JVNDB-2019-005593", }, { db: "CNNVD", id: "CNNVD-201906-719", }, { db: "NVD", id: "CVE-2019-3953", }, ], }, id: "VAR-201906-0329", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "fa262f58-bb0d-42b5-8fe7-ab4f4fa95260", }, { db: "CNVD", id: "CNVD-2019-18756", }, { db: "VULHUB", id: "VHN-155388", }, ], trust: 1.4466745799999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "fa262f58-bb0d-42b5-8fe7-ab4f4fa95260", }, { db: "CNVD", id: "CNVD-2019-18756", }, ], }, last_update_date: "2024-11-23T22:33:57.006000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess", trust: 0.8, url: "https://www.advantech.co.jp/industrial-automation/webaccess", }, { title: "Patch for AdvantechWebAccess/SCADA Buffer Overflow Vulnerability (CNVD-2019-18756)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/164241", }, { title: "Advantech WebAccess/SCADA Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93903", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-18756", }, { db: "JVNDB", id: "JVNDB-2019-005593", }, { db: "CNNVD", id: "CNNVD-201906-719", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1.1, }, { problemtype: "CWE-119", trust: 0.9, }, ], sources: [ { db: "VULHUB", id: "VHN-155388", }, { db: "JVNDB", id: "JVNDB-2019-005593", }, { db: "NVD", id: "CVE-2019-3953", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "https://www.tenable.com/security/research/tra-2019-28", }, { trust: 2.3, url: "https://www.tenable.com/security/research/tra-2019-17", }, { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-3953", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3953", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-18756", }, { db: "VULHUB", id: "VHN-155388", }, { db: "JVNDB", id: "JVNDB-2019-005593", }, { db: "CNNVD", id: "CNNVD-201906-719", }, { db: "NVD", id: "CVE-2019-3953", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "fa262f58-bb0d-42b5-8fe7-ab4f4fa95260", }, { db: "CNVD", id: "CNVD-2019-18756", }, { db: "VULHUB", id: "VHN-155388", }, { db: "JVNDB", id: "JVNDB-2019-005593", }, { db: "CNNVD", id: "CNNVD-201906-719", }, { db: "NVD", id: "CVE-2019-3953", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-06-21T00:00:00", db: "IVD", id: "fa262f58-bb0d-42b5-8fe7-ab4f4fa95260", }, { date: "2019-06-21T00:00:00", db: "CNVD", id: "CNVD-2019-18756", }, { date: "2019-06-18T00:00:00", db: "VULHUB", id: "VHN-155388", }, { date: "2019-06-24T00:00:00", db: "JVNDB", id: "JVNDB-2019-005593", }, { date: "2019-06-18T00:00:00", db: "CNNVD", id: "CNNVD-201906-719", }, { date: "2019-06-18T23:15:10.527000", db: "NVD", id: "CVE-2019-3953", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-06-21T00:00:00", db: "CNVD", id: "CNVD-2019-18756", }, { date: "2020-08-24T00:00:00", db: "VULHUB", id: "VHN-155388", }, { date: "2019-06-24T00:00:00", db: "JVNDB", id: "JVNDB-2019-005593", }, { date: "2020-08-25T00:00:00", db: "CNNVD", id: "CNNVD-201906-719", }, { date: "2024-11-21T04:42:56.070000", db: "NVD", id: "CVE-2019-3953", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201906-719", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA Buffer error vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2019-005593", }, { db: "CNNVD", id: "CNNVD-201906-719", }, ], trust: 1.4, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Buffer error", sources: [ { db: "IVD", id: "fa262f58-bb0d-42b5-8fe7-ab4f4fa95260", }, { db: "CNNVD", id: "CNNVD-201906-719", }, ], trust: 0.8, }, }
var-202005-0008
Vulnerability from variot
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x0000791d in DATACORE.exe. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess/scada", scope: null, trust: 9.1, vendor: "advantech", version: null, }, { _id: null, model: "webaccess", scope: "lte", trust: 1, vendor: "advantech", version: "8.4.4", }, { _id: null, model: "webaccess", scope: "eq", trust: 1, vendor: "advantech", version: "9.0.0", }, { _id: null, model: "webaccess node", scope: "gte", trust: 0.6, vendor: "advantech", version: "8.4.4", }, { _id: null, model: "webaccess node", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, { _id: null, model: null, scope: "eq", trust: 0.4, vendor: "webaccess", version: "*", }, { _id: null, model: null, scope: "eq", trust: 0.4, vendor: "webaccess", version: "9.0.0", }, ], sources: [ { db: "IVD", id: "95f15ed9-abd1-4fa7-b3b8-cce038c93754", }, { db: "IVD", id: "619b16c7-a995-4cdf-b7be-d91e2bdc75ec", }, { db: "ZDI", id: "ZDI-20-593", }, { db: "ZDI", id: "ZDI-20-597", }, { db: "ZDI", id: "ZDI-20-599", }, { db: "ZDI", id: "ZDI-20-631", }, { db: "ZDI", id: "ZDI-20-603", }, { db: "ZDI", id: "ZDI-20-604", }, { db: "ZDI", id: "ZDI-20-601", }, { db: "ZDI", id: "ZDI-20-600", }, { db: "ZDI", id: "ZDI-20-621", }, { db: "ZDI", id: "ZDI-20-618", }, { db: "ZDI", id: "ZDI-20-602", }, { db: "ZDI", id: "ZDI-20-623", }, { db: "ZDI", id: "ZDI-20-616", }, { db: "CNVD", id: "CNVD-2020-29739", }, { db: "NVD", id: "CVE-2020-10638", }, ], }, credits: { _id: null, data: "Z0mb1E", sources: [ { db: "ZDI", id: "ZDI-20-593", }, { db: "ZDI", id: "ZDI-20-597", }, { db: "ZDI", id: "ZDI-20-599", }, { db: "ZDI", id: "ZDI-20-631", }, { db: "ZDI", id: "ZDI-20-603", }, { db: "ZDI", id: "ZDI-20-604", }, { db: "ZDI", id: "ZDI-20-601", }, { db: "ZDI", id: "ZDI-20-600", }, { db: "ZDI", id: "ZDI-20-621", }, { db: "ZDI", id: "ZDI-20-618", }, { db: "ZDI", id: "ZDI-20-602", }, { db: "ZDI", id: "ZDI-20-623", }, { db: "ZDI", id: "ZDI-20-616", }, ], trust: 9.1, }, cve: "CVE-2020-10638", cvss: { _id: null, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2020-10638", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2020-29739", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "95f15ed9-abd1-4fa7-b3b8-cce038c93754", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "619b16c7-a995-4cdf-b7be-d91e2bdc75ec", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2020-10638", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 9.1, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2020-10638", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, ], severity: [ { author: "ZDI", id: "CVE-2020-10638", trust: 9.1, value: "CRITICAL", }, { author: "nvd@nist.gov", id: "CVE-2020-10638", trust: 1, value: "CRITICAL", }, { author: "CNVD", id: "CNVD-2020-29739", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202005-295", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "95f15ed9-abd1-4fa7-b3b8-cce038c93754", trust: 0.2, value: "HIGH", }, { author: "IVD", id: "619b16c7-a995-4cdf-b7be-d91e2bdc75ec", trust: 0.2, value: "HIGH", }, { author: "VULMON", id: "CVE-2020-10638", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "95f15ed9-abd1-4fa7-b3b8-cce038c93754", }, { db: "IVD", id: "619b16c7-a995-4cdf-b7be-d91e2bdc75ec", }, { db: "ZDI", id: "ZDI-20-593", }, { db: "ZDI", id: "ZDI-20-597", }, { db: "ZDI", id: "ZDI-20-599", }, { db: "ZDI", id: "ZDI-20-631", }, { db: "ZDI", id: "ZDI-20-603", }, { db: "ZDI", id: "ZDI-20-604", }, { db: "ZDI", id: "ZDI-20-601", }, { db: "ZDI", id: "ZDI-20-600", }, { db: "ZDI", id: "ZDI-20-621", }, { db: "ZDI", id: "ZDI-20-618", }, { db: "ZDI", id: "ZDI-20-602", }, { db: "ZDI", id: "ZDI-20-623", }, { db: "ZDI", id: "ZDI-20-616", }, { db: "CNVD", id: "CNVD-2020-29739", }, { db: "VULMON", id: "CVE-2020-10638", }, { db: "CNNVD", id: "CNNVD-202005-295", }, { db: "NVD", id: "CVE-2020-10638", }, ], }, description: { _id: null, data: "Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x0000791d in DATACORE.exe. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required", sources: [ { db: "NVD", id: "CVE-2020-10638", }, { db: "ZDI", id: "ZDI-20-601", }, { db: "ZDI", id: "ZDI-20-616", }, { db: "ZDI", id: "ZDI-20-623", }, { db: "ZDI", id: "ZDI-20-602", }, { db: "ZDI", id: "ZDI-20-618", }, { db: "ZDI", id: "ZDI-20-621", }, { db: "ZDI", id: "ZDI-20-600", }, { db: "ZDI", id: "ZDI-20-604", }, { db: "ZDI", id: "ZDI-20-603", }, { db: "ZDI", id: "ZDI-20-631", }, { db: "ZDI", id: "ZDI-20-599", }, { db: "ZDI", id: "ZDI-20-597", }, { db: "ZDI", id: "ZDI-20-593", }, { db: "CNVD", id: "CNVD-2020-29739", }, { db: "IVD", id: "619b16c7-a995-4cdf-b7be-d91e2bdc75ec", }, { db: "IVD", id: "95f15ed9-abd1-4fa7-b3b8-cce038c93754", }, { db: "VULMON", id: "CVE-2020-10638", }, ], trust: 10.08, }, external_ids: { _id: null, data: [ { db: "NVD", id: "CVE-2020-10638", trust: 11.8, }, { db: "ZDI", id: "ZDI-20-593", trust: 2.4, }, { db: "ZDI", id: "ZDI-20-599", trust: 2.4, }, { db: "ZDI", id: "ZDI-20-603", trust: 2.4, }, { db: "ZDI", id: "ZDI-20-600", trust: 2.4, }, { db: "ZDI", id: "ZDI-20-621", trust: 2.4, }, { db: "ZDI", id: "ZDI-20-616", trust: 2.4, }, { db: "ICS CERT", id: "ICSA-20-128-01", trust: 2.3, }, { db: "CNVD", id: "CNVD-2020-29739", trust: 1, }, { db: "CNNVD", id: "CNNVD-202005-295", trust: 1, }, { db: "ZDI_CAN", id: "ZDI-CAN-9902", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9985", trust: 0.7, }, { db: "ZDI", id: "ZDI-20-597", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9994", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9892", trust: 0.7, }, { db: "ZDI", id: "ZDI-20-631", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9897", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9898", trust: 0.7, }, { db: "ZDI", id: "ZDI-20-604", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9998", trust: 0.7, }, { db: "ZDI", id: "ZDI-20-601", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9997", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-10085", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9891", trust: 0.7, }, { db: "ZDI", id: "ZDI-20-618", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9895", trust: 0.7, }, { db: "ZDI", id: "ZDI-20-602", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-10337", trust: 0.7, }, { db: "ZDI", id: "ZDI-20-623", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-9889", trust: 0.7, }, { db: "NSFOCUS", id: "47382", trust: 0.6, }, { db: "ZDI", id: "ZDI-20-635", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.1646", trust: 0.6, }, { db: "IVD", id: "95F15ED9-ABD1-4FA7-B3B8-CCE038C93754", trust: 0.2, }, { db: "IVD", id: "619B16C7-A995-4CDF-B7BE-D91E2BDC75EC", trust: 0.2, }, { db: "VULMON", id: "CVE-2020-10638", trust: 0.1, }, ], sources: [ { db: "IVD", id: "95f15ed9-abd1-4fa7-b3b8-cce038c93754", }, { db: "IVD", id: "619b16c7-a995-4cdf-b7be-d91e2bdc75ec", }, { db: "ZDI", id: "ZDI-20-593", }, { db: "ZDI", id: "ZDI-20-597", }, { db: "ZDI", id: "ZDI-20-599", }, { db: "ZDI", id: "ZDI-20-631", }, { db: "ZDI", id: "ZDI-20-603", }, { db: "ZDI", id: "ZDI-20-604", }, { db: "ZDI", id: "ZDI-20-601", }, { db: "ZDI", id: "ZDI-20-600", }, { db: "ZDI", id: "ZDI-20-621", }, { db: "ZDI", id: "ZDI-20-618", }, { db: "ZDI", id: "ZDI-20-602", }, { db: "ZDI", id: "ZDI-20-623", }, { db: "ZDI", id: "ZDI-20-616", }, { db: "CNVD", id: "CNVD-2020-29739", }, { db: "VULMON", id: "CVE-2020-10638", }, { db: "CNNVD", id: "CNNVD-202005-295", }, { db: "NVD", id: "CVE-2020-10638", }, ], }, id: "VAR-202005-0008", iot: { _id: null, data: true, sources: [ { db: "IVD", id: "95f15ed9-abd1-4fa7-b3b8-cce038c93754", }, { db: "IVD", id: "619b16c7-a995-4cdf-b7be-d91e2bdc75ec", }, { db: "CNVD", id: "CNVD-2020-29739", }, ], trust: 1.5795034866666668, }, iot_taxonomy: { _id: null, data: [ { category: [ "ICS", ], sub_category: null, trust: 1, }, ], sources: [ { db: "IVD", id: "95f15ed9-abd1-4fa7-b3b8-cce038c93754", }, { db: "IVD", id: "619b16c7-a995-4cdf-b7be-d91e2bdc75ec", }, { db: "CNVD", id: "CNVD-2020-29739", }, ], }, last_update_date: "2024-11-29T22:41:10.312000Z", patch: { _id: null, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 9.1, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, { title: "Patch for Advantech WebAccess Node buffer overflow vulnerability (CNVD-2020-29739)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/218845", }, { title: "Advantech WebAccess Node Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=118647", }, ], sources: [ { db: "ZDI", id: "ZDI-20-593", }, { db: "ZDI", id: "ZDI-20-597", }, { db: "ZDI", id: "ZDI-20-599", }, { db: "ZDI", id: "ZDI-20-631", }, { db: "ZDI", id: "ZDI-20-603", }, { db: "ZDI", id: "ZDI-20-604", }, { db: "ZDI", id: "ZDI-20-601", }, { db: "ZDI", id: "ZDI-20-600", }, { db: "ZDI", id: "ZDI-20-621", }, { db: "ZDI", id: "ZDI-20-618", }, { db: "ZDI", id: "ZDI-20-602", }, { db: "ZDI", id: "ZDI-20-623", }, { db: "ZDI", id: "ZDI-20-616", }, { db: "CNVD", id: "CNVD-2020-29739", }, { db: "CNNVD", id: "CNNVD-202005-295", }, ], }, problemtype_data: { _id: null, data: [ { problemtype: "CWE-122", trust: 1, }, { problemtype: "CWE-787", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2020-10638", }, ], }, references: { _id: null, data: [ { trust: 9.1, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-36", }, { trust: 2.9, url: "https://www.us-cert.gov/ics/advisories/icsa-20-128-01", }, { trust: 1.7, url: "https://www.zerodayinitiative.com/advisories/zdi-20-593/", }, { trust: 1.7, url: "https://www.zerodayinitiative.com/advisories/zdi-20-599/", }, { trust: 1.7, url: "https://www.zerodayinitiative.com/advisories/zdi-20-600/", }, { trust: 1.7, url: "https://www.zerodayinitiative.com/advisories/zdi-20-603/", }, { trust: 1.7, url: "https://www.zerodayinitiative.com/advisories/zdi-20-616/", }, { trust: 1.7, url: "https://www.zerodayinitiative.com/advisories/zdi-20-621/", }, { trust: 0.6, url: "https://www.zerodayinitiative.com/advisories/zdi-20-635/", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2020-10638", }, { trust: 0.6, url: "http://www.nsfocus.net/vulndb/47382", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.1646/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/787.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/181596", }, ], sources: [ { db: "ZDI", id: "ZDI-20-593", }, { db: "ZDI", id: "ZDI-20-597", }, { db: "ZDI", id: "ZDI-20-599", }, { db: "ZDI", id: "ZDI-20-631", }, { db: "ZDI", id: "ZDI-20-603", }, { db: "ZDI", id: "ZDI-20-604", }, { db: "ZDI", id: "ZDI-20-601", }, { db: "ZDI", id: "ZDI-20-600", }, { db: "ZDI", id: "ZDI-20-621", }, { db: "ZDI", id: "ZDI-20-618", }, { db: "ZDI", id: "ZDI-20-602", }, { db: "ZDI", id: "ZDI-20-623", }, { db: "ZDI", id: "ZDI-20-616", }, { db: "CNVD", id: "CNVD-2020-29739", }, { db: "VULMON", id: "CVE-2020-10638", }, { db: "CNNVD", id: "CNNVD-202005-295", }, { db: "NVD", id: "CVE-2020-10638", }, ], }, sources: { _id: null, data: [ { db: "IVD", id: "95f15ed9-abd1-4fa7-b3b8-cce038c93754", ident: null, }, { db: "IVD", id: "619b16c7-a995-4cdf-b7be-d91e2bdc75ec", ident: null, }, { db: "ZDI", id: "ZDI-20-593", ident: null, }, { db: "ZDI", id: "ZDI-20-597", ident: null, }, { db: "ZDI", id: "ZDI-20-599", ident: null, }, { db: "ZDI", id: "ZDI-20-631", ident: null, }, { db: "ZDI", id: "ZDI-20-603", ident: null, }, { db: "ZDI", id: "ZDI-20-604", ident: null, }, { db: "ZDI", id: "ZDI-20-601", ident: null, }, { db: "ZDI", id: "ZDI-20-600", ident: null, }, { db: "ZDI", id: "ZDI-20-621", ident: null, }, { db: "ZDI", id: "ZDI-20-618", ident: null, }, { db: "ZDI", id: "ZDI-20-602", ident: null, }, { db: "ZDI", id: "ZDI-20-623", ident: null, }, { db: "ZDI", id: "ZDI-20-616", ident: null, }, { db: "CNVD", id: "CNVD-2020-29739", ident: null, }, { db: "VULMON", id: "CVE-2020-10638", ident: null, }, { db: "CNNVD", id: "CNNVD-202005-295", ident: null, }, { db: "NVD", id: "CVE-2020-10638", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2020-05-07T00:00:00", db: "IVD", id: "95f15ed9-abd1-4fa7-b3b8-cce038c93754", ident: null, }, { date: "2020-05-07T00:00:00", db: "IVD", id: "619b16c7-a995-4cdf-b7be-d91e2bdc75ec", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-593", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-597", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-599", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-631", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-603", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-604", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-601", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-600", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-621", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-618", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-602", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-623", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-616", ident: null, }, { date: "2020-05-25T00:00:00", db: "CNVD", id: "CNVD-2020-29739", ident: null, }, { date: "2020-05-08T00:00:00", db: "VULMON", id: "CVE-2020-10638", ident: null, }, { date: "2020-05-07T00:00:00", db: "CNNVD", id: "CNNVD-202005-295", ident: null, }, { date: "2020-05-08T12:15:11.067000", db: "NVD", id: "CVE-2020-10638", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-593", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-597", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-599", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-631", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-603", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-604", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-601", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-600", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-621", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-618", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-602", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-623", ident: null, }, { date: "2020-05-08T00:00:00", db: "ZDI", id: "ZDI-20-616", ident: null, }, { date: "2020-05-25T00:00:00", db: "CNVD", id: "CNVD-2020-29739", ident: null, }, { date: "2020-05-12T00:00:00", db: "VULMON", id: "CVE-2020-10638", ident: null, }, { date: "2021-01-04T00:00:00", db: "CNNVD", id: "CNNVD-202005-295", ident: null, }, { date: "2024-11-21T04:55:45.027000", db: "NVD", id: "CVE-2020-10638", ident: null, }, ], }, threat_type: { _id: null, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202005-295", }, ], trust: 0.6, }, title: { _id: null, data: "Advantech WebAccess/SCADA ViewSrv IOCTL 0x00002723 Heap-based Buffer Overflow Remote Code Execution Vulnerability", sources: [ { db: "ZDI", id: "ZDI-20-593", }, ], trust: 0.7, }, type: { _id: null, data: "Buffer error", sources: [ { db: "IVD", id: "95f15ed9-abd1-4fa7-b3b8-cce038c93754", }, { db: "IVD", id: "619b16c7-a995-4cdf-b7be-d91e2bdc75ec", }, { db: "CNNVD", id: "CNNVD-202005-295", }, ], trust: 1, }, }
var-202006-1910
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Chinese company Advantech (Advantech).
Advantech WebAccess/SCADA has a command execution vulnerability that an attacker can use to execute malicious code.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1910", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29400", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2020-29400", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-29400", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29400", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Chinese company Advantech (Advantech).\n\r\n\r\nAdvantech WebAccess/SCADA has a command execution vulnerability that an attacker can use to execute malicious code.", sources: [ { db: "CNVD", id: "CNVD-2020-29400", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-29400", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29400", }, ], }, id: "VAR-202006-1910", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-29400", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29400", }, ], }, last_update_date: "2022-05-04T09:38:08.280000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess SCADA winslbl file exists system command injection vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/215707", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29400", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-29400", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-11T00:00:00", db: "CNVD", id: "CNVD-2020-29400", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-28T00:00:00", db: "CNVD", id: "CNVD-2020-29400", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has command execution vulnerability (CNVD-2020-29400)", sources: [ { db: "CNVD", id: "CNVD-2020-29400", }, ], trust: 0.6, }, }
var-202102-0020
Vulnerability from variot
A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can send an authenticated HTTP request to trigger this vulnerability. Advantech WebAccess/SCADA Contains a path traversal vulnerability.Information may be obtained. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment. There is a path traversal vulnerability in Advantech WebAccess/SCADA, which originates from the failure of network systems or products to properly filter resources or special elements in file paths. An attacker could exploit this vulnerability to access locations outside of restricted directories
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202102-0020", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess\\/scada", scope: "eq", trust: 1, vendor: "advantech", version: "9.0.1", }, { model: "webaccess/scada", scope: "eq", trust: 0.8, vendor: "アドバンテック株式会社", version: null, }, { model: "webaccess/scada", scope: "eq", trust: 0.8, vendor: "アドバンテック株式会社", version: "9.0.1", }, { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.1", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11303", }, { db: "JVNDB", id: "JVNDB-2020-016431", }, { db: "NVD", id: "CVE-2020-13550", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Discovered by Yuri Kramarz of Cisco Talos.", sources: [ { db: "CNNVD", id: "CNNVD-202102-1262", }, ], trust: 0.6, }, cve: "CVE-2020-13550", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, id: "CVE-2020-13550", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "SINGLE", author: "CNVD", availabilityImpact: "NONE", baseScore: 1.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 2.7, id: "CNVD-2021-11303", impactScore: 2.9, integrityImpact: "NONE", severity: "LOW", trust: 0.6, vectorString: "AV:L/AC:M/Au:S/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, id: "VHN-166340", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:S/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "talos-cna@cisco.com", availabilityImpact: "NONE", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 3.1, id: "CVE-2020-13550", impactScore: 4, integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 3.1, id: "CVE-2020-13550", impactScore: 4, integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-13550", trust: 1, value: "HIGH", }, { author: "talos-cna@cisco.com", id: "CVE-2020-13550", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2020-13550", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2021-11303", trust: 0.6, value: "LOW", }, { author: "CNNVD", id: "CNNVD-202102-1262", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-166340", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11303", }, { db: "VULHUB", id: "VHN-166340", }, { db: "JVNDB", id: "JVNDB-2020-016431", }, { db: "CNNVD", id: "CNNVD-202102-1262", }, { db: "NVD", id: "CVE-2020-13550", }, { db: "NVD", id: "CVE-2020-13550", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can send an authenticated HTTP request to trigger this vulnerability. Advantech WebAccess/SCADA Contains a path traversal vulnerability.Information may be obtained. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment. There is a path traversal vulnerability in Advantech WebAccess/SCADA, which originates from the failure of network systems or products to properly filter resources or special elements in file paths. An attacker could exploit this vulnerability to access locations outside of restricted directories", sources: [ { db: "NVD", id: "CVE-2020-13550", }, { db: "JVNDB", id: "JVNDB-2020-016431", }, { db: "CNVD", id: "CNVD-2021-11303", }, { db: "VULHUB", id: "VHN-166340", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-13550", trust: 3.1, }, { db: "TALOS", id: "TALOS-2020-1168", trust: 3.1, }, { db: "JVNDB", id: "JVNDB-2020-016431", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-11303", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202102-1262", trust: 0.6, }, { db: "VULHUB", id: "VHN-166340", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11303", }, { db: "VULHUB", id: "VHN-166340", }, { db: "JVNDB", id: "JVNDB-2020-016431", }, { db: "CNNVD", id: "CNNVD-202102-1262", }, { db: "NVD", id: "CVE-2020-13550", }, ], }, id: "VAR-202102-0020", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-11303", }, { db: "VULHUB", id: "VHN-166340", }, ], trust: 1.3586421999999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11303", }, ], }, last_update_date: "2024-11-23T22:16:09.118000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "WebAccess/SCADA", trust: 0.8, url: "https://www.advantech.com/industrial-automation/webaccess/webaccessscada", }, { title: "Advantech WebAccess/SCADA Repair measures for path traversal vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142129", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-016431", }, { db: "CNNVD", id: "CNNVD-202102-1262", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-22", trust: 1.1, }, { problemtype: "Path traversal (CWE-22) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-166340", }, { db: "JVNDB", id: "JVNDB-2020-016431", }, { db: "NVD", id: "CVE-2020-13550", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.1, url: "https://talosintelligence.com/vulnerability_reports/talos-2020-1168", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-13550", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11303", }, { db: "VULHUB", id: "VHN-166340", }, { db: "JVNDB", id: "JVNDB-2020-016431", }, { db: "CNNVD", id: "CNNVD-202102-1262", }, { db: "NVD", id: "CVE-2020-13550", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-11303", }, { db: "VULHUB", id: "VHN-166340", }, { db: "JVNDB", id: "JVNDB-2020-016431", }, { db: "CNNVD", id: "CNNVD-202102-1262", }, { db: "NVD", id: "CVE-2020-13550", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-02-22T00:00:00", db: "CNVD", id: "CNVD-2021-11303", }, { date: "2021-02-17T00:00:00", db: "VULHUB", id: "VHN-166340", }, { date: "2021-12-03T00:00:00", db: "JVNDB", id: "JVNDB-2020-016431", }, { date: "2021-02-16T00:00:00", db: "CNNVD", id: "CNNVD-202102-1262", }, { date: "2021-02-17T19:15:12.293000", db: "NVD", id: "CVE-2020-13550", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-02-22T00:00:00", db: "CNVD", id: "CNVD-2021-11303", }, { date: "2022-06-29T00:00:00", db: "VULHUB", id: "VHN-166340", }, { date: "2021-12-03T03:02:00", db: "JVNDB", id: "JVNDB-2020-016431", }, { date: "2021-02-22T00:00:00", db: "CNNVD", id: "CNNVD-202102-1262", }, { date: "2024-11-21T05:01:28.670000", db: "NVD", id: "CVE-2020-13550", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202102-1262", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA Traversal Vulnerability in Japan", sources: [ { db: "JVNDB", id: "JVNDB-2020-016431", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "path traversal", sources: [ { db: "CNNVD", id: "CNNVD-202102-1262", }, ], trust: 0.6, }, }
var-202102-0021
Vulnerability from variot
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege. Advantech WebAccess/SCADA Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202102-0021", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess\\/scada", scope: "eq", trust: 1, vendor: "advantech", version: "9.0.1", }, { model: "webaccess/scada", scope: "eq", trust: 0.8, vendor: "アドバンテック株式会社", version: "9.0.1", }, { model: "webaccess/scada", scope: "eq", trust: 0.8, vendor: "アドバンテック株式会社", version: null, }, { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.1", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11304", }, { db: "JVNDB", id: "JVNDB-2020-016183", }, { db: "NVD", id: "CVE-2020-13551", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Discovered by Yuri Kramarz of Cisco Talos.", sources: [ { db: "CNNVD", id: "CNNVD-202102-1261", }, ], trust: 0.6, }, cve: "CVE-2020-13551", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "CVE-2020-13551", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1.8, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "CNVD-2021-11304", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "VHN-166341", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:L/AC:L/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "talos-cna@cisco.com", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2, id: "CVE-2020-13551", impactScore: 6, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "LOCAL", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2, id: "CVE-2020-13551", impactScore: 6, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-13551", trust: 1, value: "HIGH", }, { author: "talos-cna@cisco.com", id: "CVE-2020-13551", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2020-13551", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2021-11304", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202102-1261", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-166341", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11304", }, { db: "VULHUB", id: "VHN-166341", }, { db: "JVNDB", id: "JVNDB-2020-016183", }, { db: "CNNVD", id: "CNNVD-202102-1261", }, { db: "NVD", id: "CVE-2020-13551", }, { db: "NVD", id: "CVE-2020-13551", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege. Advantech WebAccess/SCADA Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment", sources: [ { db: "NVD", id: "CVE-2020-13551", }, { db: "JVNDB", id: "JVNDB-2020-016183", }, { db: "CNVD", id: "CNVD-2021-11304", }, { db: "VULHUB", id: "VHN-166341", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "TALOS", id: "TALOS-2020-1169", trust: 3.1, }, { db: "NVD", id: "CVE-2020-13551", trust: 3.1, }, { db: "JVNDB", id: "JVNDB-2020-016183", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-11304", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202102-1261", trust: 0.6, }, { db: "VULHUB", id: "VHN-166341", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11304", }, { db: "VULHUB", id: "VHN-166341", }, { db: "JVNDB", id: "JVNDB-2020-016183", }, { db: "CNNVD", id: "CNNVD-202102-1261", }, { db: "NVD", id: "CVE-2020-13551", }, ], }, id: "VAR-202102-0021", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-11304", }, { db: "VULHUB", id: "VHN-166341", }, ], trust: 1.3586421999999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11304", }, ], }, last_update_date: "2024-11-23T22:40:46.656000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "WebAccess/SCADA", trust: 0.8, url: "https://www.advantech.com/industrial-automation/webaccess/webaccessscada", }, { title: "Advantech WebAccess/SCADA Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142128", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-016183", }, { db: "CNNVD", id: "CNNVD-202102-1261", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-276", trust: 1.1, }, { problemtype: "Improper authority management (CWE-269) [NVD Evaluation ]", trust: 0.8, }, { problemtype: "CWE-269", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-166341", }, { db: "JVNDB", id: "JVNDB-2020-016183", }, { db: "NVD", id: "CVE-2020-13551", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.1, url: "https://talosintelligence.com/vulnerability_reports/talos-2020-1169", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-13551", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11304", }, { db: "VULHUB", id: "VHN-166341", }, { db: "JVNDB", id: "JVNDB-2020-016183", }, { db: "CNNVD", id: "CNNVD-202102-1261", }, { db: "NVD", id: "CVE-2020-13551", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-11304", }, { db: "VULHUB", id: "VHN-166341", }, { db: "JVNDB", id: "JVNDB-2020-016183", }, { db: "CNNVD", id: "CNNVD-202102-1261", }, { db: "NVD", id: "CVE-2020-13551", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-02-22T00:00:00", db: "CNVD", id: "CNVD-2021-11304", }, { date: "2021-02-17T00:00:00", db: "VULHUB", id: "VHN-166341", }, { date: "2021-11-12T00:00:00", db: "JVNDB", id: "JVNDB-2020-016183", }, { date: "2021-02-16T00:00:00", db: "CNNVD", id: "CNNVD-202102-1261", }, { date: "2021-02-17T19:15:12.387000", db: "NVD", id: "CVE-2020-13551", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-02-22T00:00:00", db: "CNVD", id: "CNVD-2021-11304", }, { date: "2022-06-29T00:00:00", db: "VULHUB", id: "VHN-166341", }, { date: "2021-11-12T01:25:00", db: "JVNDB", id: "JVNDB-2020-016183", }, { date: "2022-04-20T00:00:00", db: "CNNVD", id: "CNNVD-202102-1261", }, { date: "2024-11-21T05:01:28.800000", db: "NVD", id: "CVE-2020-13551", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-202102-1261", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA Vulnerability in privilege management", sources: [ { db: "JVNDB", id: "JVNDB-2020-016183", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202102-1261", }, ], trust: 0.6, }, }
var-201906-1027
Vulnerability from variot
In WebAccess/SCADA Versions 8.3.5 and prior, multiple heap-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. Note: A different vulnerability than CVE-2019-10991. WebAccess/SCADA Contains a buffer error vulnerability. This vulnerability CVE-2019-10991 Is a different vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x11372 IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code under the context of Administrator. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following security vulnerabilities: 1. A directory-traversal vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. Multiple heap-based buffer-overflow vulnerabilities 4. Multiple remote-code execution vulnerabilities An attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences (â??../â??) to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks. Advantech WebAccess/SCADA Versions 8.3.5 and prior versions are vulnerable
Show details on source website{ affected_products: { _id: null, data: [ { _id: null, model: "webaccess", scope: "lte", trust: 1.8, vendor: "advantech", version: "8.3.5", }, { _id: null, model: "webaccess", scope: null, trust: 1.4, vendor: "advantech", version: null, }, { _id: null, model: "webaccess/scada", scope: "lte", trust: 0.6, vendor: "advantech", version: "<=8.3.5", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.5", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.4", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.2", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.1", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.0", }, { _id: null, model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "7.2", }, { _id: null, model: "webaccess/scada", scope: "ne", trust: 0.3, vendor: "advantech", version: "8.4.1", }, { _id: null, model: null, scope: "eq", trust: 0.2, vendor: "webaccess", version: "*", }, ], sources: [ { db: "IVD", id: "a3a80884-2713-49f5-a1e2-0b387c0701cc", }, { db: "ZDI", id: "ZDI-19-591", }, { db: "ZDI", id: "ZDI-19-590", }, { db: "CNVD", id: "CNVD-2019-32464", }, { db: "BID", id: "108923", }, { db: "JVNDB", id: "JVNDB-2019-005814", }, { db: "NVD", id: "CVE-2019-10989", }, ], }, configurations: { _id: null, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:webaccess", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-005814", }, ], }, credits: { _id: null, data: "Mat Powell of Trend Micro Zero Day Initiative", sources: [ { db: "ZDI", id: "ZDI-19-591", }, { db: "ZDI", id: "ZDI-19-590", }, ], trust: 1.4, }, cve: "CVE-2019-10989", cvss: { _id: null, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2019-10989", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2019-32464", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "a3a80884-2713-49f5-a1e2-0b387c0701cc", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-142590", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-10989", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.4, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-10989", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-10989", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "ZDI", id: "CVE-2019-10989", trust: 1.4, value: "CRITICAL", }, { author: "nvd@nist.gov", id: "CVE-2019-10989", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2019-10989", trust: 0.8, value: "Critical", }, { author: "CNVD", id: "CNVD-2019-32464", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201906-1078", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "a3a80884-2713-49f5-a1e2-0b387c0701cc", trust: 0.2, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-142590", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "a3a80884-2713-49f5-a1e2-0b387c0701cc", }, { db: "ZDI", id: "ZDI-19-591", }, { db: "ZDI", id: "ZDI-19-590", }, { db: "CNVD", id: "CNVD-2019-32464", }, { db: "VULHUB", id: "VHN-142590", }, { db: "JVNDB", id: "JVNDB-2019-005814", }, { db: "CNNVD", id: "CNNVD-201906-1078", }, { db: "NVD", id: "CVE-2019-10989", }, ], }, description: { _id: null, data: "In WebAccess/SCADA Versions 8.3.5 and prior, multiple heap-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. Note: A different vulnerability than CVE-2019-10991. WebAccess/SCADA Contains a buffer error vulnerability. This vulnerability CVE-2019-10991 Is a different vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x11372 IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code under the context of Administrator. Advantech WebAccess/SCADA is a browser-based SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess/SCADA is prone to the following security vulnerabilities:\n1. A directory-traversal vulnerability\n2. Multiple stack-based buffer-overflow vulnerabilities\n3. Multiple heap-based buffer-overflow vulnerabilities\n4. Multiple remote-code execution vulnerabilities\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences (â??../â??) to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks. \nAdvantech WebAccess/SCADA Versions 8.3.5 and prior versions are vulnerable", sources: [ { db: "NVD", id: "CVE-2019-10989", }, { db: "JVNDB", id: "JVNDB-2019-005814", }, { db: "ZDI", id: "ZDI-19-591", }, { db: "ZDI", id: "ZDI-19-590", }, { db: "CNVD", id: "CNVD-2019-32464", }, { db: "BID", id: "108923", }, { db: "IVD", id: "a3a80884-2713-49f5-a1e2-0b387c0701cc", }, { db: "VULHUB", id: "VHN-142590", }, ], trust: 3.96, }, external_ids: { _id: null, data: [ { db: "NVD", id: "CVE-2019-10989", trust: 5, }, { db: "ICS CERT", id: "ICSA-19-178-05", trust: 2.8, }, { db: "ZDI", id: "ZDI-19-591", trust: 2.4, }, { db: "ZDI", id: "ZDI-19-590", trust: 2.4, }, { db: "BID", id: "108923", trust: 1.5, }, { db: "CNNVD", id: "CNNVD-201906-1078", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-32464", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-005814", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-8068", trust: 0.7, }, { db: "ZDI_CAN", id: "ZDI-CAN-8067", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2019.2350", trust: 0.6, }, { db: "IVD", id: "A3A80884-2713-49F5-A1E2-0B387C0701CC", trust: 0.2, }, { db: "VULHUB", id: "VHN-142590", trust: 0.1, }, ], sources: [ { db: "IVD", id: "a3a80884-2713-49f5-a1e2-0b387c0701cc", }, { db: "ZDI", id: "ZDI-19-591", }, { db: "ZDI", id: "ZDI-19-590", }, { db: "CNVD", id: "CNVD-2019-32464", }, { db: "VULHUB", id: "VHN-142590", }, { db: "BID", id: "108923", }, { db: "JVNDB", id: "JVNDB-2019-005814", }, { db: "CNNVD", id: "CNNVD-201906-1078", }, { db: "NVD", id: "CVE-2019-10989", }, ], }, id: "VAR-201906-1027", iot: { _id: null, data: true, sources: [ { db: "IVD", id: "a3a80884-2713-49f5-a1e2-0b387c0701cc", }, { db: "CNVD", id: "CNVD-2019-32464", }, { db: "VULHUB", id: "VHN-142590", }, ], trust: 1.4466745799999998, }, iot_taxonomy: { _id: null, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "a3a80884-2713-49f5-a1e2-0b387c0701cc", }, { db: "CNVD", id: "CNVD-2019-32464", }, ], }, last_update_date: "2024-11-23T21:52:09.381000Z", patch: { _id: null, data: [ { title: "Advantech has issued an update to correct this vulnerability.", trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-178-05", }, { title: "Advantech WebAccess", trust: 0.8, url: "https://www.advantech.co.jp/industrial-automation/webaccess", }, { title: "Patch for Advantech WebAccess/SCADA Buffer Overflow Vulnerability (CNVD-2019-32464)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/181497", }, { title: "Advantech WebAccess/SCADA Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94181", }, ], sources: [ { db: "ZDI", id: "ZDI-19-591", }, { db: "ZDI", id: "ZDI-19-590", }, { db: "CNVD", id: "CNVD-2019-32464", }, { db: "JVNDB", id: "JVNDB-2019-005814", }, { db: "CNNVD", id: "CNNVD-201906-1078", }, ], }, problemtype_data: { _id: null, data: [ { problemtype: "CWE-787", trust: 1.1, }, { problemtype: "CWE-119", trust: 0.9, }, ], sources: [ { db: "VULHUB", id: "VHN-142590", }, { db: "JVNDB", id: "JVNDB-2019-005814", }, { db: "NVD", id: "CVE-2019-10989", }, ], }, references: { _id: null, data: [ { trust: 4.2, url: "https://www.us-cert.gov/ics/advisories/icsa-19-178-05", }, { trust: 2.3, url: "https://www.zerodayinitiative.com/advisories/zdi-19-591/", }, { trust: 1.7, url: "https://www.zerodayinitiative.com/advisories/zdi-19-590/", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-10989", }, { trust: 1.2, url: "http://www.securityfocus.com/bid/108923", }, { trust: 0.9, url: "http://webaccess.advantech.com", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10989", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2350/", }, ], sources: [ { db: "ZDI", id: "ZDI-19-591", }, { db: "ZDI", id: "ZDI-19-590", }, { db: "CNVD", id: "CNVD-2019-32464", }, { db: "VULHUB", id: "VHN-142590", }, { db: "BID", id: "108923", }, { db: "JVNDB", id: "JVNDB-2019-005814", }, { db: "CNNVD", id: "CNNVD-201906-1078", }, { db: "NVD", id: "CVE-2019-10989", }, ], }, sources: { _id: null, data: [ { db: "IVD", id: "a3a80884-2713-49f5-a1e2-0b387c0701cc", ident: null, }, { db: "ZDI", id: "ZDI-19-591", ident: null, }, { db: "ZDI", id: "ZDI-19-590", ident: null, }, { db: "CNVD", id: "CNVD-2019-32464", ident: null, }, { db: "VULHUB", id: "VHN-142590", ident: null, }, { db: "BID", id: "108923", ident: null, }, { db: "JVNDB", id: "JVNDB-2019-005814", ident: null, }, { db: "CNNVD", id: "CNNVD-201906-1078", ident: null, }, { db: "NVD", id: "CVE-2019-10989", ident: null, }, ], }, sources_release_date: { _id: null, data: [ { date: "2019-09-21T00:00:00", db: "IVD", id: "a3a80884-2713-49f5-a1e2-0b387c0701cc", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-591", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-590", ident: null, }, { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32464", ident: null, }, { date: "2019-06-28T00:00:00", db: "VULHUB", id: "VHN-142590", ident: null, }, { date: "2019-06-27T00:00:00", db: "BID", id: "108923", ident: null, }, { date: "2019-07-02T00:00:00", db: "JVNDB", id: "JVNDB-2019-005814", ident: null, }, { date: "2019-06-27T00:00:00", db: "CNNVD", id: "CNNVD-201906-1078", ident: null, }, { date: "2019-06-28T21:15:11.243000", db: "NVD", id: "CVE-2019-10989", ident: null, }, ], }, sources_update_date: { _id: null, data: [ { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-591", ident: null, }, { date: "2019-07-02T00:00:00", db: "ZDI", id: "ZDI-19-590", ident: null, }, { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32464", ident: null, }, { date: "2023-03-02T00:00:00", db: "VULHUB", id: "VHN-142590", ident: null, }, { date: "2019-06-27T00:00:00", db: "BID", id: "108923", ident: null, }, { date: "2019-07-02T00:00:00", db: "JVNDB", id: "JVNDB-2019-005814", ident: null, }, { date: "2020-08-25T00:00:00", db: "CNNVD", id: "CNNVD-201906-1078", ident: null, }, { date: "2024-11-21T04:20:18.283000", db: "NVD", id: "CVE-2019-10989", ident: null, }, ], }, threat_type: { _id: null, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201906-1078", }, ], trust: 0.6, }, title: { _id: null, data: "WebAccess/SCADA Buffer error vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2019-005814", }, ], trust: 0.8, }, type: { _id: null, data: "Buffer error", sources: [ { db: "IVD", id: "a3a80884-2713-49f5-a1e2-0b387c0701cc", }, { db: "CNNVD", id: "CNNVD-201906-1078", }, ], trust: 0.8, }, }
var-201904-0333
Vulnerability from variot
Advantech WebAccess 8.3.4 is vulnerable to file upload attacks via unauthenticated RPC call. An unauthenticated, remote attacker can use this vulnerability to execute arbitrary code. Advantech WebAccess Contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a browser-based HMI/SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities: 1. An arbitrary file-download vulnerability 2. This may aid in further attacks. Advantech WebAccess 8.3.4 is vulnerable; other versions may also be affected. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201904-0333", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess", scope: "eq", trust: 2.4, vendor: "advantech", version: "8.3.4", }, { model: "webaccess/scada", scope: "eq", trust: 0.3, vendor: "advantech", version: "8.3.4", }, { model: "webaccess/scada", scope: "ne", trust: 0.3, vendor: "advantech", version: "8.3.5", }, { model: null, scope: "eq", trust: 0.2, vendor: "webaccess", version: "8.3.4", }, ], sources: [ { db: "IVD", id: "ed3f090d-7f3e-4836-870e-acc7e4660ef3", }, { db: "CNVD", id: "CNVD-2019-32474", }, { db: "BID", id: "107847", }, { db: "JVNDB", id: "JVNDB-2019-003313", }, { db: "NVD", id: "CVE-2019-3940", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:advantech:advantech_webaccess", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-003313", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Tenable", sources: [ { db: "BID", id: "107847", }, { db: "CNNVD", id: "CNNVD-201904-485", }, ], trust: 0.9, }, cve: "CVE-2019-3940", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2019-3940", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.9, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2019-32474", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "ed3f090d-7f3e-4836-870e-acc7e4660ef3", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-155375", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-3940", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-3940", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2019-3940", trust: 0.8, value: "Critical", }, { author: "CNVD", id: "CNVD-2019-32474", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201904-485", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "ed3f090d-7f3e-4836-870e-acc7e4660ef3", trust: 0.2, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-155375", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2019-3940", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "ed3f090d-7f3e-4836-870e-acc7e4660ef3", }, { db: "CNVD", id: "CNVD-2019-32474", }, { db: "VULHUB", id: "VHN-155375", }, { db: "VULMON", id: "CVE-2019-3940", }, { db: "JVNDB", id: "JVNDB-2019-003313", }, { db: "CNNVD", id: "CNNVD-201904-485", }, { db: "NVD", id: "CVE-2019-3940", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess 8.3.4 is vulnerable to file upload attacks via unauthenticated RPC call. An unauthenticated, remote attacker can use this vulnerability to execute arbitrary code. Advantech WebAccess Contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a browser-based HMI/SCADA software from Advantech, Taiwan. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities:\n1. An arbitrary file-download vulnerability\n2. This may aid in further attacks. \nAdvantech WebAccess 8.3.4 is vulnerable; other versions may also be affected. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products", sources: [ { db: "NVD", id: "CVE-2019-3940", }, { db: "JVNDB", id: "JVNDB-2019-003313", }, { db: "CNVD", id: "CNVD-2019-32474", }, { db: "BID", id: "107847", }, { db: "IVD", id: "ed3f090d-7f3e-4836-870e-acc7e4660ef3", }, { db: "VULHUB", id: "VHN-155375", }, { db: "VULMON", id: "CVE-2019-3940", }, ], trust: 2.79, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-3940", trust: 3.7, }, { db: "TENABLE", id: "TRA-2019-15", trust: 3.5, }, { db: "BID", id: "107847", trust: 2.1, }, { db: "CNNVD", id: "CNNVD-201904-485", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-32474", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-003313", trust: 0.8, }, { db: "IVD", id: "ED3F090D-7F3E-4836-870E-ACC7E4660EF3", trust: 0.2, }, { db: "VULHUB", id: "VHN-155375", trust: 0.1, }, { db: "VULMON", id: "CVE-2019-3940", trust: 0.1, }, ], sources: [ { db: "IVD", id: "ed3f090d-7f3e-4836-870e-acc7e4660ef3", }, { db: "CNVD", id: "CNVD-2019-32474", }, { db: "VULHUB", id: "VHN-155375", }, { db: "VULMON", id: "CVE-2019-3940", }, { db: "BID", id: "107847", }, { db: "JVNDB", id: "JVNDB-2019-003313", }, { db: "CNNVD", id: "CNNVD-201904-485", }, { db: "NVD", id: "CVE-2019-3940", }, ], }, id: "VAR-201904-0333", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "ed3f090d-7f3e-4836-870e-acc7e4660ef3", }, { db: "CNVD", id: "CNVD-2019-32474", }, { db: "VULHUB", id: "VHN-155375", }, ], trust: 1.4466745799999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "ed3f090d-7f3e-4836-870e-acc7e4660ef3", }, { db: "CNVD", id: "CNVD-2019-32474", }, ], }, last_update_date: "2024-11-23T22:12:06.937000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess", trust: 0.8, url: "https://www.advantech.co.jp/industrial-automation/webaccess", }, { title: "Patch for Advantech WebAccess Code Issue Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/181481", }, { title: "Advantech WebAccess Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91310", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-32474", }, { db: "JVNDB", id: "JVNDB-2019-003313", }, { db: "CNNVD", id: "CNNVD-201904-485", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-434", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-155375", }, { db: "JVNDB", id: "JVNDB-2019-003313", }, { db: "NVD", id: "CVE-2019-3940", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.5, url: "https://www.tenable.com/security/research/tra-2019-15", }, { trust: 2.4, url: "http://www.securityfocus.com/bid/107847", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-3940", }, { trust: 0.9, url: "http://webaccess.advantech.com", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3940", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/434.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-32474", }, { db: "VULHUB", id: "VHN-155375", }, { db: "VULMON", id: "CVE-2019-3940", }, { db: "BID", id: "107847", }, { db: "JVNDB", id: "JVNDB-2019-003313", }, { db: "CNNVD", id: "CNNVD-201904-485", }, { db: "NVD", id: "CVE-2019-3940", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "ed3f090d-7f3e-4836-870e-acc7e4660ef3", }, { db: "CNVD", id: "CNVD-2019-32474", }, { db: "VULHUB", id: "VHN-155375", }, { db: "VULMON", id: "CVE-2019-3940", }, { db: "BID", id: "107847", }, { db: "JVNDB", id: "JVNDB-2019-003313", }, { db: "CNNVD", id: "CNNVD-201904-485", }, { db: "NVD", id: "CVE-2019-3940", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-09-21T00:00:00", db: "IVD", id: "ed3f090d-7f3e-4836-870e-acc7e4660ef3", }, { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32474", }, { date: "2019-04-09T00:00:00", db: "VULHUB", id: "VHN-155375", }, { date: "2019-04-09T00:00:00", db: "VULMON", id: "CVE-2019-3940", }, { date: "2019-04-03T00:00:00", db: "BID", id: "107847", }, { date: "2019-05-14T00:00:00", db: "JVNDB", id: "JVNDB-2019-003313", }, { date: "2019-04-09T00:00:00", db: "CNNVD", id: "CNNVD-201904-485", }, { date: "2019-04-09T16:29:02.100000", db: "NVD", id: "CVE-2019-3940", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-09-21T00:00:00", db: "CNVD", id: "CNVD-2019-32474", }, { date: "2019-10-09T00:00:00", db: "VULHUB", id: "VHN-155375", }, { date: "2019-10-09T00:00:00", db: "VULMON", id: "CVE-2019-3940", }, { date: "2019-04-03T00:00:00", db: "BID", id: "107847", }, { date: "2019-05-14T00:00:00", db: "JVNDB", id: "JVNDB-2019-003313", }, { date: "2019-04-19T00:00:00", db: "CNNVD", id: "CNNVD-201904-485", }, { date: "2024-11-21T04:42:54.547000", db: "NVD", id: "CVE-2019-3940", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201904-485", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess Code Issue Vulnerability", sources: [ { db: "IVD", id: "ed3f090d-7f3e-4836-870e-acc7e4660ef3", }, { db: "CNVD", id: "CNVD-2019-32474", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Code problem", sources: [ { db: "IVD", id: "ed3f090d-7f3e-4836-870e-acc7e4660ef3", }, { db: "CNNVD", id: "CNNVD-201904-485", }, ], trust: 0.8, }, }
var-202008-1296
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.
Advantech WebAccess/SCADA has logic flaws. Attackers can use the vulnerability to access and modify the registry of the user's system, and can execute arbitrary commands on the user's system.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1296", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48617", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "CNVD-2020-48617", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-48617", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48617", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture.\n\r\n\r\nAdvantech WebAccess/SCADA has logic flaws. Attackers can use the vulnerability to access and modify the registry of the user's system, and can execute arbitrary commands on the user's system.", sources: [ { db: "CNVD", id: "CNVD-2020-48617", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-48617", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48617", }, ], }, id: "VAR-202008-1296", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-48617", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48617", }, ], }, last_update_date: "2022-05-04T09:38:05.588000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess SCADA wshom control IWshShell_Class class RegWrite member has logic defect vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/225713", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-48617", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-48617", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-28T00:00:00", db: "CNVD", id: "CNVD-2020-48617", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-27T00:00:00", db: "CNVD", id: "CNVD-2020-48617", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has logic flaw vulnerability (CNVD-2020-48617)", sources: [ { db: "CNVD", id: "CNVD-2020-48617", }, ], trust: 0.6, }, }
var-202102-0024
Vulnerability from variot
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege. Advantech WebAccess/SCADA Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202102-0024", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess\\/scada", scope: "eq", trust: 1, vendor: "advantech", version: "9.0.1", }, { model: "webaccess/scada", scope: "eq", trust: 0.8, vendor: "アドバンテック株式会社", version: "9.0.1", }, { model: "webaccess/scada", scope: "eq", trust: 0.8, vendor: "アドバンテック株式会社", version: null, }, { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.1", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11308", }, { db: "JVNDB", id: "JVNDB-2020-016180", }, { db: "NVD", id: "CVE-2020-13555", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Discovered by Yuri Kramarz of Cisco Talos.", sources: [ { db: "CNNVD", id: "CNNVD-202102-1263", }, ], trust: 0.6, }, cve: "CVE-2020-13555", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "CVE-2020-13555", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1.8, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "CNVD-2021-11308", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "VHN-166345", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:L/AC:L/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "talos-cna@cisco.com", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2, id: "CVE-2020-13555", impactScore: 6, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "LOCAL", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2, id: "CVE-2020-13555", impactScore: 6, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-13555", trust: 1, value: "HIGH", }, { author: "talos-cna@cisco.com", id: "CVE-2020-13555", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2020-13555", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2021-11308", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202102-1263", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-166345", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11308", }, { db: "VULHUB", id: "VHN-166345", }, { db: "JVNDB", id: "JVNDB-2020-016180", }, { db: "CNNVD", id: "CNNVD-202102-1263", }, { db: "NVD", id: "CVE-2020-13555", }, { db: "NVD", id: "CVE-2020-13555", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege. Advantech WebAccess/SCADA Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment", sources: [ { db: "NVD", id: "CVE-2020-13555", }, { db: "JVNDB", id: "JVNDB-2020-016180", }, { db: "CNVD", id: "CNVD-2021-11308", }, { db: "VULHUB", id: "VHN-166345", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "TALOS", id: "TALOS-2020-1169", trust: 3.1, }, { db: "NVD", id: "CVE-2020-13555", trust: 3.1, }, { db: "JVNDB", id: "JVNDB-2020-016180", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-11308", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202102-1263", trust: 0.6, }, { db: "VULHUB", id: "VHN-166345", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11308", }, { db: "VULHUB", id: "VHN-166345", }, { db: "JVNDB", id: "JVNDB-2020-016180", }, { db: "CNNVD", id: "CNNVD-202102-1263", }, { db: "NVD", id: "CVE-2020-13555", }, ], }, id: "VAR-202102-0024", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-11308", }, { db: "VULHUB", id: "VHN-166345", }, ], trust: 1.3586421999999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11308", }, ], }, last_update_date: "2024-11-23T22:40:46.685000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "WebAccess/SCADA", trust: 0.8, url: "https://www.advantech.com/industrial-automation/webaccess/webaccessscada", }, { title: "Advantech WebAccess/SCADA Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142130", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-016180", }, { db: "CNNVD", id: "CNNVD-202102-1263", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-276", trust: 1.1, }, { problemtype: "Improper authority management (CWE-269) [NVD Evaluation ]", trust: 0.8, }, { problemtype: "CWE-269", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-166345", }, { db: "JVNDB", id: "JVNDB-2020-016180", }, { db: "NVD", id: "CVE-2020-13555", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.1, url: "https://talosintelligence.com/vulnerability_reports/talos-2020-1169", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-13555", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11308", }, { db: "VULHUB", id: "VHN-166345", }, { db: "JVNDB", id: "JVNDB-2020-016180", }, { db: "CNNVD", id: "CNNVD-202102-1263", }, { db: "NVD", id: "CVE-2020-13555", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-11308", }, { db: "VULHUB", id: "VHN-166345", }, { db: "JVNDB", id: "JVNDB-2020-016180", }, { db: "CNNVD", id: "CNNVD-202102-1263", }, { db: "NVD", id: "CVE-2020-13555", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-02-22T00:00:00", db: "CNVD", id: "CNVD-2021-11308", }, { date: "2021-02-17T00:00:00", db: "VULHUB", id: "VHN-166345", }, { date: "2021-11-12T00:00:00", db: "JVNDB", id: "JVNDB-2020-016180", }, { date: "2021-02-16T00:00:00", db: "CNNVD", id: "CNNVD-202102-1263", }, { date: "2021-02-17T19:15:12.590000", db: "NVD", id: "CVE-2020-13555", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-02-22T00:00:00", db: "CNVD", id: "CNVD-2021-11308", }, { date: "2022-06-29T00:00:00", db: "VULHUB", id: "VHN-166345", }, { date: "2021-11-12T00:59:00", db: "JVNDB", id: "JVNDB-2020-016180", }, { date: "2022-04-20T00:00:00", db: "CNNVD", id: "CNNVD-202102-1263", }, { date: "2024-11-21T05:01:29.303000", db: "NVD", id: "CVE-2020-13555", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-202102-1263", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA Vulnerability in privilege management", sources: [ { db: "JVNDB", id: "JVNDB-2020-016180", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202102-1263", }, ], trust: 0.6, }, }
var-202006-1904
Vulnerability from variot
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Chinese company Advantech (Advantech).
Advantech WebAccess/SCADA has an arbitrary file deletion vulnerability, which can be exploited by an attacker to delete arbitrary files on the server.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1904", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "webaccess/scada", scope: "eq", trust: 0.6, vendor: "advantech", version: "9.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29405", }, ], }, cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2020-29405", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "CNVD", id: "CNVD-2020-29405", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29405", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Chinese company Advantech (Advantech).\n\r\n\r\nAdvantech WebAccess/SCADA has an arbitrary file deletion vulnerability, which can be exploited by an attacker to delete arbitrary files on the server.", sources: [ { db: "CNVD", id: "CNVD-2020-29405", }, ], trust: 0.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CNVD", id: "CNVD-2020-29405", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29405", }, ], }, id: "VAR-202006-1904", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-29405", }, ], trust: 1.2405517, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29405", }, ], }, last_update_date: "2022-05-04T10:21:35.753000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Advantech WebAccess SCADA BwFLApp file has system command injection vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/216131", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-29405", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-29405", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-11T00:00:00", db: "CNVD", id: "CNVD-2020-29405", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-28T00:00:00", db: "CNVD", id: "CNVD-2020-29405", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Advantech WebAccess/SCADA has arbitrary file deletion vulnerability (CNVD-2020-29405)", sources: [ { db: "CNVD", id: "CNVD-2020-29405", }, ], trust: 0.6, }, }