149 matches found
CVE-2021-40396
A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iService 1.1.7. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-40397
A privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server 3.0.9. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-40389
A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge Server 1.0.2. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-40389
A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge Server 1.0.2. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-40389
CVE-2021-40389 affects Advantech DeviceOn/iEdge Server 1.0.2. The vulnerability (CWE-276: Incorrect Default Permissions) arises from default permissions in the installation folder (e.g., c:\Program Files\Advantech\…) that let the Everyone group have full control over critical service binaries. An...
CVE-2021-40388
A privilege escalation vulnerability exists in Advantech SQ Manager Server 1.0.6. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-40388
A privilege escalation vulnerability exists in Advantech SQ Manager Server 1.0.6. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-40388
Advantech SQ Manager Server 1.0.6 contains a privilege-escalation vulnerability (CWE-276). By default, the installation folder grants Everyone Full control over critical binaries (e.g., psql.exe, postgres.exe, pg_ctl.exe) in c:\Program Files\Advantech\SQ Manager Server\database\PostgreSQL\pgsql\b...
Advantech DeviceOn/iEdge Server Elevation of Privilege Vulnerability
Advantech DeviceOn/iEdge Server is industrial device intelligence software that enables non-intelligent devices to have IoT connectivity management capabilities.Advantech DeviceOn/iEdge Server elevation of privilege vulnerability can be exploited by attackers to gain elevated privileges to NT...
Advantech has unspecified vulnerabilities (CNVD-2022-08289)
Advantech is an application of Advantech, a Chinese company that provides an intelligent electric bus management system. Advantech DeviceOn/iService 1.1.7 contains a security vulnerability that can be exploited by attackers to replace specially crafted files in the system to elevate privileges to...
Unspecified vulnerabilities exist in Advantech (CNVD-2022-08368)
Advantech is an application of Advantech, a Chinese company that provides an intelligent electric bus management system.A security vulnerability exists in Advantech SQ Manager Server, which can replace specially crafted files in the system to escalate privileges to NT system privileges. An attack...
Advantech DeviceOn/iEdge Server 1.0.2 privilege escalation vulnerability
Summary A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge Server 1.0.2. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. Tested...
Advantech 安全漏洞
Advantech is an application of Advantech, a Chinese company that provides an intelligent electric bus management system. Advantech DeviceOn/iService 1.1.7 contains a security vulnerability that can be exploited by attackers to replace specially crafted files in the system to elevate privileges to...
Advantech DeviceOn/iService 1.1.7 Server installation privilege escalation vulnerability
Summary A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iService 1.1.7. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. Tested Versio...
CVE-2021-21912
A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 30.07.2021. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger...
CVE-2021-21912
A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 30.07.2021. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger...
Privilege escalation
A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 30.07.2021. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger...
Privilege escalation
A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 30.07.2021. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger...
Privilege escalation
A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 30.07.2021. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger...
CVE-2021-21911
Advantech R-SeeNet on Windows is affected by CVE-2021-21911 (Privilege escalation via SnmpMonSvs service executable) affecting 2.4.15. The vulnerability is caused by insufficient protection of the C:\R-SeeNet installation files, allowing an authenticated user to replace the SnmpMonSvs service bin...