149 matches found
Advantech WebAccess/SCADA Local Elevation of Privilege Vulnerability (CNVD-2021-11307)
Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A local elevation of privilege...
Advantech WebAccess/SCADA Local Elevation of Privilege Vulnerability
Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A local elevation of privilege...
CVE-2020-13552
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to...
CVE-2020-13553
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with ...
CVE-2020-13551
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...
CVE-2020-13555
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...
CVE-2020-13555
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...
CVE-2020-13551
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...
Privilege escalation
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...
Privilege escalation
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with ...
Privilege escalation
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...
Privilege escalation
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to...
CVE-2020-13555
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...
CVE-2020-13555
Advantech WebAccess/SCADA 9.0.1 is affected by several local privilege escalation vulnerabilities (CVE-2020-13555, CVE-2020-13552, CVE-2020-13553, CVE-2020-13554) as detailed in TALOS-2020-1169. The issues arise from weak permissions and misconfigurations that enable an unprivileged or moderately...
CVE-2020-13553
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with ...
CVE-2020-13553
Advantech WebAccess/SCADA 9.0.1 is affected by local privilege escalation vulnerabilities described across multiple sources (CVE-2020-13553; TALOS-2020-1169; Red Hat CVE page; CNVD/NVD entries). TALOS summarizes multiple exploitable vectors enabling NT SYSTEM-level execution by abusing weak permi...
CVE-2020-13551
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...
CVE-2020-13551
Advantech WebAccess/SCADA 9.0.1 is affected by CVE-2020-13551, a local privilege escalation via the PostgreSQL executable. The vulnerability arises from weak file system permissions that allow an authenticated user to replace binaries or loaded DLLs in the installation directory (e.g., pg_ctl.exe...
CVE-2020-13552
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to...
CVE-2020-13552
CVE-2020-13552 affects Advantech WebAccess/SCADA 9.0.1. TALOS details multiple local privilege escalation vectors: attackers can replace binaries or loaded modules in the installation folder or manipulate service executables to run code with NT SYSTEM privileges. The issue involves weak permissio...