Filtered by vendor Advantech
Subscriptions
Filtered by product Webaccess\/scada
Subscriptions
Total
29 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-13552 | 1 Advantech | 1 Webaccess\/scada | 2024-11-21 | 8.8 High |
| An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege. | ||||
| CVE-2020-13551 | 1 Advantech | 1 Webaccess\/scada | 2024-11-21 | 8.8 High |
| An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege. | ||||
| CVE-2020-13550 | 1 Advantech | 1 Webaccess\/scada | 2024-11-21 | 7.7 High |
| A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can send an authenticated HTTP request to trigger this vulnerability. | ||||
| CVE-2019-6523 | 1 Advantech | 1 Webaccess\/scada | 2024-11-21 | N/A |
| WebAccess/SCADA, Version 8.3. The software does not properly sanitize its inputs for SQL commands. | ||||
| CVE-2019-6521 | 1 Advantech | 1 Webaccess\/scada | 2024-11-21 | N/A |
| WebAccess/SCADA, Version 8.3. Specially crafted requests could allow a possible authentication bypass that could allow an attacker to obtain and manipulate sensitive information. | ||||
| CVE-2019-6519 | 1 Advantech | 1 Webaccess\/scada | 2024-11-21 | N/A |
| WebAccess/SCADA, Version 8.3. An improper authentication vulnerability exists that could allow a possible authentication bypass allowing an attacker to upload malicious data. | ||||
| CVE-2018-5445 | 1 Advantech | 1 Webaccess\/scada | 2024-11-21 | N/A |
| A Path Traversal issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. An attacker has read access to files within the directory structure of the target device. | ||||
| CVE-2018-5443 | 1 Advantech | 1 Webaccess\/scada | 2024-11-21 | N/A |
| A SQL Injection issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. WebAccess/SCADA does not properly sanitize its inputs for SQL commands. | ||||
| CVE-2018-18999 | 2 Advantech, Microsoft | 2 Webaccess\/scada, Windows Server 2008 | 2024-11-21 | 7.3 High |
| WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows 2008 R2 SP1. Lack of proper validation of user supplied input may allow an attacker to cause the overflow of a buffer on the stack. | ||||