If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server.
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HAdvantech Webaccess
APPAdvantech8.4.5
Related vulnerabilities
Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an...
Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow a...
A stack-based buffer overflow vulnerability in Advantech WebAccess Versions 9.02 and prior caused by a lack of...
WebAccess Node Version 8.4.4 and prior is vulnerable to a stack-based buffer overflow, which may allow an atta...
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerab...