Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webaccess scada vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-3954
Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.0 allows a remote, unauthenticated malicious user to execute arbitrary code by sending a crafted IOCTL 81024 RPC call.
Advantech Webaccess 8.4.0
9.8
CVSSv3
CVE-2019-3953
Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.0 allows a remote, unauthenticated malicious user to execute arbitrary code by sending a crafted IOCTL 10012 RPC call.
Advantech Webaccess 8.4.0
NA
CVE-2014-9208
Multiple stack-based buffer overflows in unspecified DLL files in Advantech WebAccess prior to 8.0.1 allow remote malicious users to execute arbitrary code via unknown vectors.
Advantech Webaccess
1 EDB exploit
7.8
CVSSv3
CVE-2023-2866
If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server.
Advantech Webaccess 8.4.5
NA
CVE-2024-2453
There is an SQL injection vulnerability in Advantech WebAccess/SCADA software that allows an authenticated malicious user to remotely inject SQL code in the database. Successful exploitation of this vulnerability could allow an malicious user to read or modify data on the remote...
8.8
CVSSv3
CVE-2021-22669
Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an administrator’s password and login as an administrator to escalate...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6