Lucene search
K

231 matches found

CNNVD
CNNVD
added 2021/03/16 12:0 a.m.5 views

研华 Advantech WebAccess/SCADA 跨站脚本漏洞

Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A cross-site scripting vulnerability...

6.1CVSS5.4AI score0.0069EPSS
Exploits0References3
ICS
ICS
added 2021/03/16 12:0 a.m.46 views

Advantech WebAccess/SCADA

1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess/SCADA Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized user to steal a user’s...

6.1CVSS6.2AI score0.0069EPSS
Exploits0References5
OSV
OSV
added 2021/03/03 5:15 p.m.4 views

CVE-2020-13554

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with ...

7.8CVSS7.3AI score0.00547EPSS
Exploits1References1
NVD
NVD
added 2021/03/03 5:15 p.m.29 views

CVE-2020-13554

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with ...

8.8CVSS0.00547EPSS
Exploits1References1
Prion
Prion
added 2021/03/03 5:15 p.m.15 views

Privilege escalation

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with ...

7.2CVSS8AI score0.00547EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/03/03 4:14 p.m.33 views

CVE-2020-13554

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with ...

8.8CVSS8.1AI score0.00547EPSS
Exploits1References1
OSV
OSV
added 2021/02/23 5:15 p.m.5 views

CVE-2020-25161

The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator...

8.8CVSS7.4AI score0.01509EPSS
Exploits0References1
Prion
Prion
added 2021/02/23 5:15 p.m.16 views

Path traversal

The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator...

6.5CVSS8.7AI score0.01509EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2021/02/18 12:0 a.m.5 views

Advantech WebAccess/SCADA Local Elevation of Privilege Vulnerability (CNVD-2021-11305)

Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A local elevation of privilege...

8.8CVSS7AI score0.00504EPSS
Exploits1References1
CNVD
CNVD
added 2021/02/18 12:0 a.m.8 views

Advantech WebAccess/SCADA Local Elevation of Privilege Vulnerability

Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A local elevation of privilege...

8.8CVSS7AI score0.00504EPSS
Exploits1References1
CNVD
CNVD
added 2021/02/18 12:0 a.m.7 views

Advantech WebAccess/SCADA Local Elevation of Privilege Vulnerability (CNVD-2021-11307)

Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A local elevation of privilege...

8.8CVSS7AI score0.00547EPSS
Exploits1References1
OSV
OSV
added 2021/02/17 7:15 p.m.7 views

CVE-2020-13550

A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can send an authenticated HTTP request to trigger this vulnerability...

7.7CVSS5.8AI score0.03488EPSS
Exploits1References1
OSV
OSV
added 2021/02/17 7:15 p.m.4 views

CVE-2020-13553

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with ...

8.8CVSS5.9AI score0.00504EPSS
Exploits1References1
NVD
NVD
added 2021/02/17 7:15 p.m.26 views

CVE-2020-13553

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with ...

8.8CVSS0.00504EPSS
Exploits1References1
NVD
NVD
added 2021/02/17 7:15 p.m.16 views

CVE-2020-13552

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to...

8.8CVSS0.00504EPSS
Exploits1References1
OSV
OSV
added 2021/02/17 7:15 p.m.5 views

CVE-2020-13551

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...

8.8CVSS5.9AI score0.00493EPSS
Exploits1References1
OSV
OSV
added 2021/02/17 7:15 p.m.5 views

CVE-2020-13555

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...

8.8CVSS7.4AI score0.00504EPSS
Exploits1References1
NVD
NVD
added 2021/02/17 7:15 p.m.26 views

CVE-2020-13555

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...

8.8CVSS0.00504EPSS
Exploits1References1
NVD
NVD
added 2021/02/17 7:15 p.m.32 views

CVE-2020-13551

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...

8.8CVSS0.00493EPSS
Exploits1References1
Prion
Prion
added 2021/02/17 7:15 p.m.12 views

Cross site request forgery (csrf)

A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can send an authenticated HTTP request to trigger this vulnerability...

4CVSS7AI score0.03488EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder