Lucene search
K

1697 matches found

CNNVD
CNNVD
added 2023/06/02 12:0 a.m.3 views

Advantech WebAccess/SCADA 代码问题漏洞

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. An arbitrary file upload vulnerability exists i...

7.2CVSS7.4AI score0.0083EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/06/02 12:0 a.m.4 views

The vulnerability of the Advantech WebAccess remote monitoring software lies in improper code generation, allowing a hacker to execute arbitrary code.

The vulnerability of Advantech WebAccess remote monitoring software is related to improper code generation management. Exploiting this vulnerability allows a malicious actor operating remotely to execute arbitrary code...

8.3CVSS8.2AI score0.00898EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2023/06/02 12:0 a.m.6 views

Advantech WebAccess/SCADA 代码问题漏洞

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. An arbitrary file upload vulnerability exists i...

9.8CVSS8AI score0.00713EPSS
Exploits0References4
CISA
CISA
added 2023/06/01 12:0 p.m.4 views

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on June 1, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-152-01 Advantech WebAccess-SCADA ICSA-23-152-02 HID Global SAFE ICSA-22-256-03 Delta...

7AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/06/01 12:0 a.m.5 views

PT-2023-2962 · Advantech · Advantech Webaccess/Scada

Name of the Vulnerable Software and Affected Versions: Advantech WebAccess/SCADA versions 9.1.3 and prior Description: The issue is related to incorrect code generation management in the Advantech WebAccess software, which could allow an attacker to overwrite any file in the operating system,...

9.8CVSS9.4AI score0.00898EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/05/31 12:0 a.m.5 views

Advantech WebAccess/SCADA 数据伪造问题漏洞

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation devices. A security vulnerability exists in Advantech...

7.8CVSS7.5AI score0.00142EPSS
Exploits0References3
CISA
CISA
added 2023/05/30 12:0 p.m.4 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on May 30, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-150-01 Advantech WebAccess/SCADA CISA encourages users and administrators to review the newl...

7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/05/18 12:0 a.m.3 views

PT-2023-3045 · Advantech · Advantech Webaccess/Scada

Name of the Vulnerable Software and Affected Versions: Advantech WebAccss/SCADA versions 9.1.3 and prior Description: The issue is related to an arbitrary file upload vulnerability. This could allow an attacker to upload an ASP script file to a webserver when logged in as a manager user, leading ...

9.3CVSS7AI score0.0083EPSS
Exploits0References6
Zero Day Initiative
Zero Day Initiative
added 2022/02/02 12:0 a.m.24 views

Advantech WebAccess IOCTL 0x2722 Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IOCTL 0x2722. The issue results from the lack of proper validation o...

9.8CVSS9.4AI score0.02206EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/02/02 12:0 a.m.20 views

Advantech WebAccess IOCTL 0x2722 Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IOCTL 0x2722. The issue results from the lack of proper validation o...

9.8CVSS9.4AI score0.02206EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/02/02 12:0 a.m.27 views

Advantech WebAccess IOCTL 0x1138B Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IOCTL 0x1138B. The issue results from the lack of proper validation ...

9.8CVSS9.4AI score0.10367EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2021/12/22 12:0 a.m.3 views

Advantech WebAccess HMI Designer Buffer Overflow (CVE-2021-33000)

A buffer overflow vulnerability exists in the project management file parsing component of Advantech WebAccess HMI Designer. The vulnerability is due to lack of proper validation while processing user supplied NMultistateLamp object data...

6.8CVSS7.6AI score0.01041EPSS
Exploits0
CNVD
CNVD
added 2021/11/22 12:0 a.m.15 views

Advantech WebAccess HMI Designer Resource Management Error Vulnerability

Advantech WebAccess HMI Designer is an integrated HMI development tool from Advantech, Taiwan, China. The product is equipped with features such as data transfer, menu editing and text editing. A resource management error vulnerability exists in Advantech WebAccess HMI Designer versions prior to...

7.8CVSS7.7AI score0.00273EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/11/15 12:0 a.m.3 views

Advantech WebAccess HMI Designer 跨站脚本漏洞

Advantech WebAccess HMI Designer is an integrated HMI development tool from Advantech, Taiwan, China. The product is equipped with features such as data transfer, menu editing and text editing. A cross-site scripting vulnerability exists in Advantech WebAccess HMI Designer versions prior to...

6.1CVSS5.3AI score0.00603EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/11/15 12:0 a.m.2 views

Advantech WebAccess HMI Designer 资源管理错误漏洞

Advantech WebAccess HMI Designer is an integrated HMI development tool from Advantech, Taiwan, China. The product is equipped with features such as data transfer, menu editing and text editing. A resource management error vulnerability exists in Advantech WebAccess HMI Designer versions prior to...

7.8CVSS6.1AI score0.00273EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/11/10 12:0 a.m.4 views

The vulnerability of the Advantech WebAccess remote monitoring software arises from buffer overflows in the stack, allowing a hacker to execute arbitrary code.

The vulnerability of Advantech WebAccess remote monitoring software arises due to buffer overflow in the stack. Exploiting this vulnerability allows a malicious actor operating remotely to execute arbitrary code...

10CVSS8.5AI score0.11569EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2021/10/18 1:15 p.m.12 views

CVE-2021-38389

Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code...

9.8CVSS0.10367EPSS
Exploits0References1
NVD
NVD
added 2021/10/18 1:15 p.m.14 views

CVE-2021-33023

Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code...

9.8CVSS0.02206EPSS
Exploits0References1
Prion
Prion
added 2021/10/18 1:15 p.m.23 views

Stack overflow

Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code...

7.5CVSS9.5AI score0.10367EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/10/18 12:41 p.m.17 views

CVE-2021-38389 Advantech WebAccess

Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code...

9.8CVSS9.7AI score0.10367EPSS
Exploits0References1
Rows per page
Query Builder