Lucene search
K

1697 matches found

CNVD
CNVD
added 2021/02/18 12:0 a.m.7 views

Advantech WebAccess/SCADA Local Elevation of Privilege Vulnerability (CNVD-2021-11307)

Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A local elevation of privilege...

8.8CVSS7AI score0.00547EPSS
Exploits1References1
NVD
NVD
added 2021/02/17 7:15 p.m.14 views

CVE-2020-13551

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...

8.8CVSS0.00493EPSS
Exploits1References1
NVD
NVD
added 2021/02/17 7:15 p.m.12 views

CVE-2020-13550

A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can send an authenticated HTTP request to trigger this vulnerability...

7.7CVSS0.03488EPSS
Exploits1References1
NVD
NVD
added 2021/02/17 7:15 p.m.8 views

CVE-2020-13555

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...

8.8CVSS0.00504EPSS
Exploits1References1
NVD
NVD
added 2021/02/17 7:15 p.m.16 views

CVE-2020-13552

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to...

8.8CVSS0.00504EPSS
Exploits1References1
OSV
OSV
added 2021/02/17 7:15 p.m.7 views

CVE-2020-13550

A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can send an authenticated HTTP request to trigger this vulnerability...

7.7CVSS5.8AI score0.03488EPSS
Exploits1References1
NVD
NVD
added 2021/02/17 7:15 p.m.11 views

CVE-2020-13553

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with ...

8.8CVSS0.00504EPSS
Exploits1References1
OSV
OSV
added 2021/02/17 7:15 p.m.5 views

CVE-2020-13551

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...

8.8CVSS5.9AI score0.00493EPSS
Exploits1References1
OSV
OSV
added 2021/02/17 7:15 p.m.5 views

CVE-2020-13555

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...

8.8CVSS7.4AI score0.00504EPSS
Exploits1References1
OSV
OSV
added 2021/02/17 7:15 p.m.3 views

CVE-2020-13552

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to...

8.8CVSS7.4AI score0.00504EPSS
Exploits1References1
OSV
OSV
added 2021/02/17 7:15 p.m.4 views

CVE-2020-13553

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with ...

8.8CVSS5.9AI score0.00504EPSS
Exploits1References1
Prion
Prion
added 2021/02/17 7:15 p.m.11 views

Cross site request forgery (csrf)

A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can send an authenticated HTTP request to trigger this vulnerability...

4CVSS7AI score0.03488EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/02/17 7:15 p.m.20 views

Privilege escalation

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with ...

7.2CVSS8.7AI score0.00504EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/02/17 7:15 p.m.10 views

Privilege escalation

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to...

7.2CVSS8.8AI score0.00504EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/02/17 6:23 p.m.17 views

CVE-2020-13555

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...

8.8CVSS8.8AI score0.00504EPSS
Exploits1References1
CVE
CVE
added 2021/02/17 6:20 p.m.57 views

CVE-2020-13553

Advantech WebAccess/SCADA 9.0.1 is affected by local privilege escalation vulnerabilities described across multiple sources (CVE-2020-13553; TALOS-2020-1169; Red Hat CVE page; CNVD/NVD entries). TALOS summarizes multiple exploitable vectors enabling NT SYSTEM-level execution by abusing weak permi...

8.8CVSS8.7AI score0.00504EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/02/17 6:17 p.m.58 views

CVE-2020-13551

Advantech WebAccess/SCADA 9.0.1 is affected by CVE-2020-13551, a local privilege escalation via the PostgreSQL executable. The vulnerability arises from weak file system permissions that allow an authenticated user to replace binaries or loaded DLLs in the installation directory (e.g., pg_ctl.exe...

8.8CVSS8.8AI score0.00493EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/02/17 6:17 p.m.14 views

CVE-2020-13551

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...

8.8CVSS8.9AI score0.00493EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/02/17 6:16 p.m.21 views

CVE-2020-13552

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to...

8.8CVSS8.9AI score0.00504EPSS
Exploits1References1
CVE
CVE
added 2021/02/17 6:16 p.m.45 views

CVE-2020-13552

CVE-2020-13552 affects Advantech WebAccess/SCADA 9.0.1. TALOS details multiple local privilege escalation vectors: attackers can replace binaries or loaded modules in the installation folder or manipulate service executables to run code with NT SYSTEM privileges. The issue involves weak permissio...

8.8CVSS8.8AI score0.00504EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder