Lucene search
K

149 matches found

CVE
CVE
added 2022/01/28 7:9 p.m.46 views

CVE-2021-40397

The CVE-2021-40397 entry relates to a privilege-escalation in Advantech WISE-PaaS/OTA Server 3.0.9. TALOS details describe a local attack where a specially crafted file in the OTA Server installation triggers elevation to NT AUTHORITY\SYSTEM by replacing files used by the PostgreSQL-related binar...

9.3CVSS7.8AI score0.00872EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/01/28 7:9 p.m.51 views

CVE-2021-40396

Advantech DeviceOn/iService 1.1.7 is affected by a privilege-escalation flaw from overly-permissive installation directory permissions. According to TALOS-2021-1408, the Server binaries in c:\Program Files\Advantech\WISE-DeviceOn\database\PostgreSQL\pgsql\bin\ (psql.exe, pg_ctl.exe, postgres.exe)...

8.8CVSS8.9AI score0.00365EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/01/28 7:9 p.m.4 views

CVE-2021-40389

A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge Server 1.0.2. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...

8.8CVSS9.1AI score0.00365EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/01/28 7:9 p.m.15 views

CVE-2021-40389

A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge Server 1.0.2. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...

8.8CVSS9.1AI score0.00365EPSS
Exploits1References1
CVE
CVE
added 2022/01/28 7:9 p.m.51 views

CVE-2021-40389

CVE-2021-40389 affects Advantech DeviceOn/iEdge Server 1.0.2. The vulnerability (CWE-276: Incorrect Default Permissions) arises from default permissions in the installation folder (e.g., c:\Program Files\Advantech\…) that let the Everyone group have full control over critical service binaries. An...

8.8CVSS8.9AI score0.00365EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/01/28 7:9 p.m.18 views

CVE-2021-40388

A privilege escalation vulnerability exists in Advantech SQ Manager Server 1.0.6. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...

8.8CVSS9.1AI score0.00365EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/01/28 7:9 p.m.7 views

CVE-2021-40388

A privilege escalation vulnerability exists in Advantech SQ Manager Server 1.0.6. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...

8.8CVSS9.1AI score0.00365EPSS
Exploits1References1
CVE
CVE
added 2022/01/28 7:9 p.m.59 views

CVE-2021-40388

Advantech SQ Manager Server 1.0.6 contains a privilege-escalation vulnerability (CWE-276). By default, the installation folder grants Everyone Full control over critical binaries (e.g., psql.exe, postgres.exe, pg_ctl.exe) in c:\Program Files\Advantech\SQ Manager Server\database\PostgreSQL\pgsql\b...

8.8CVSS8.8AI score0.00365EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2022/01/20 12:0 a.m.13 views

Advantech has unspecified vulnerabilities (CNVD-2022-08289)

Advantech is an application of Advantech, a Chinese company that provides an intelligent electric bus management system. Advantech DeviceOn/iService 1.1.7 contains a security vulnerability that can be exploited by attackers to replace specially crafted files in the system to elevate privileges to...

8.8CVSS5.8AI score0.00365EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/20 12:0 a.m.14 views

Advantech DeviceOn/iEdge Server Elevation of Privilege Vulnerability

Advantech DeviceOn/iEdge Server is industrial device intelligence software that enables non-intelligent devices to have IoT connectivity management capabilities.Advantech DeviceOn/iEdge Server elevation of privilege vulnerability can be exploited by attackers to gain elevated privileges to NT...

7.2CVSS6.3AI score0.00365EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/01/20 12:0 a.m.17 views

Unspecified vulnerabilities exist in Advantech (CNVD-2022-08368)

Advantech is an application of Advantech, a Chinese company that provides an intelligent electric bus management system.A security vulnerability exists in Advantech SQ Manager Server, which can replace specially crafted files in the system to escalate privileges to NT system privileges. An attack...

8.8CVSS3.6AI score0.00365EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/01/18 12:0 a.m.4 views

Advantech 安全漏洞

Advantech is an application of Advantech, a Chinese company that provides an intelligent electric bus management system. Advantech DeviceOn/iService 1.1.7 contains a security vulnerability that can be exploited by attackers to replace specially crafted files in the system to elevate privileges to...

8.8CVSS5.6AI score0.00365EPSS
Exploits1References4
Talos
Talos
added 2022/01/18 12:0 a.m.35 views

Advantech DeviceOn/iService 1.1.7 Server installation privilege escalation vulnerability

Summary A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iService 1.1.7. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. Tested Versio...

8.8CVSS9.1AI score0.00365EPSS
Exploits1
Talos
Talos
added 2022/01/18 12:0 a.m.34 views

Advantech DeviceOn/iEdge Server 1.0.2 privilege escalation vulnerability

Summary A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge Server 1.0.2. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. Tested...

8.8CVSS9.1AI score0.00365EPSS
Exploits1
NVD
NVD
added 2021/12/22 7:15 p.m.18 views

CVE-2021-21912

A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 30.07.2021. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger...

8.8CVSS0.00378EPSS
Exploits1References1
OSV
OSV
added 2021/12/22 7:15 p.m.2 views

CVE-2021-21912

A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 30.07.2021. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger...

7.8CVSS7.1AI score0.00378EPSS
Exploits1References1
Prion
Prion
added 2021/12/22 7:15 p.m.15 views

Privilege escalation

A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 30.07.2021. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger...

7.2CVSS8AI score0.00314EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/12/22 7:15 p.m.17 views

Privilege escalation

A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 30.07.2021. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger...

7.2CVSS8AI score0.00378EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/12/22 7:15 p.m.19 views

Privilege escalation

A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 30.07.2021. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger...

7.2CVSS8AI score0.00314EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/12/22 6:6 p.m.59 views

CVE-2021-21912

Advantech R-SeeNet for Windows (Version 2.4.15) has a privilege escalation vulnerability (CVE-2021-21912) allowing an authenticated user to replace specific executable files in C:\R-SeeNet and related services to gain NT SYSTEM privileges. The TALOS report details multiple components (mysqld.exe,...

8.8CVSS7.8AI score0.00378EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder