28 June 2019
Multiple vulnerabilities in Advantech WebAccess/SCADA
A number of severe vulnerabilities have been identified in versions 8.3.5 and earlier of Advantech’s software SCADA platform, WebAccess/SCADA. The vulnerabilities could lead to the disclosure of important information, deletion of files, and remote code execution.
Six vulnerabilities have been identified:
- path traversal vulnerability (CVE-2019-10985), caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator. This is a high severity vulnerability (CVSS v.3.0 base score of 7.5).
- multiple stack-based (CVE-2019-10991) and heap-based (CVE-2019-10989) buffer overflow vulnerabilities caused by the lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. These are critical vulnerabilities (CVSS v.3.0 base score of 9.8).
- out-of-bounds read (CVE-2019-10983) and write (CVE-2019-10987), also caused by the lack of proper validation of the length of user-supplied data. The former vulnerability could lead to the disclosure of important information, the latter to remote code execution. These vulnerabilities are medium severity (CVSS v.3.0 base score of 5.3) and high severity (CVSS v.3.0 base score of 8.8), respectively.
- multiple untrusted pointer dereference vulnerabilities (CVE-2019-10993). If exploited, these vulnerabilities could allow a remote attacker to execute arbitrary code. These are critical vulnerabilities (CVSS v.3.0 base score of 9.8).
To close the above vulnerabilities, Advantech has released version 8.4.1 of WebAccess / SCADA.
Threats to ICS and industrial enterprises in 2022 as they are foreseen from November 2021
23 November 2021
Good old buffer overflow
31 March 2021
Network Asset Traversal or NATural disaster: NAT Slipstreaming 2.0
30 March 2021