RSS   Vulnerabilities for 'Webaccess\/scada'   RSS

2021-03-18
 
CVE-2021-27436

CWE-79
 

 

 
2021-03-03
 
CVE-2020-13554

CWE-269
 

 
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.

 
2021-02-23
 
CVE-2020-25161

CWE-610
 

 
The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator.

 
2021-02-17
 
CVE-2020-13555

CWE-269
 

 
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.

 
 
CVE-2020-13553

CWE-269
 

 
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.

 
 
CVE-2020-13552

CWE-269
 

 
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.

 
 
CVE-2020-13551

CWE-269
 

 
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.

 
 
CVE-2020-13550

CWE-22
 

 
A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can send an authenticated HTTP request to trigger this vulnerability.

 

 >>> Vendor: Advantech 43 Products
Adam-6015
Adam-6017
Adam-6018
Adam-6022
Adam-6024
Adam-6050
Adam-6050w
Adam-6051
Adam-6051w
Adam-6052
Adam-6060
Adam-6060w
Adam-6066
Adam-6501
Advantech studio
Adam opc server
Modbus rtu opc server
Modbus tcp opc server
Advantech webaccess
Eki-6340
Eki-6340 firmware
Webaccess
Adamview
Eki-1200 gateway series firmware
Eki-122x series firmware
Eki-1321 series firmware
Eki-1322 series firmware
Eki-1361 series firmware
Eki-1362 series firmware
Vesp211-232 firmware
Vesp211-eu firmware
Susiaccess
Webop
Webaccess hmi designer
Webaccess/nms
Webaccess dashboard
Webaccess/scada
Webaccess/hmi designer
Webaccess\/nms
Iview
Webaccess\/hmi designer
R-seenet
Webaccess\/scada


Copyright 2021, cxsecurity.com

 

Back to Top