Advantech Webaccess Vulnerabilities

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Version

8.042
5.034
6.034
8.4.024
8.124

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Remediation

Official Fix98
Temporary Fix0
Workaround0
Unavailable0
Not Defined96

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploitability

High4
Functional0
Proof-of-Concept8
Unproven0
Not Defined182

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Access Vector

Not Defined0
Physical0
Local24
Adjacent0
Network170

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Authentication

Not Defined0
High0
Low60
None134

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

User Interaction

Not Defined0
Required32
None162

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

C3BM Index

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Base

≤10
≤20
≤30
≤44
≤58
≤626
≤734
≤862
≤948
≤1012

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Temp

≤10
≤20
≤30
≤44
≤58
≤628
≤748
≤852
≤946
≤108

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

VulDB

≤10
≤20
≤30
≤410
≤510
≤640
≤728
≤882
≤912
≤1012

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

NVD

≤10
≤20
≤30
≤40
≤52
≤66
≤710
≤850
≤928
≤1042

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤102

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit 0-day

<1k18
<2k42
<5k134
<10k0
<25k0
<50k0
<100k0
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Today

<1k166
<2k18
<5k10
<10k0
<25k0
<50k0
<100k0
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Market Volume

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

🔴 CTI Activities

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Affected Versions (115): 2.1.7.32, 2.1.9, 2.1.9.1, 2.1.9.2, 2.1.9.3, 2.1.9.4, 2.1.9.5, 2.1.9.6, 2.1.9.7, 2.1.9.8, 2.1.9.9, 2.1.9.11, 2.1.9.12, 2.1.9.13, 2.1.9.14, 2.1.9.15, 2.1.9.16, 2.1.9.17, 2.1.9.18, 2.1.9.19, 2.1.9.21, 2.1.9.22, 2.1.9.23, 2.1.9.24, 2.1.9.25, 2.1.9.26, 2.1.9.27, 2.1.9.28, 2.1.9.29, 2.1.9.31, 2.1.9.32, 2.1.9.33, 2.1.9.34, 2.1.9.35, 2.1.9.36, 2.1.9.37, 2.1.9.38, 2.1.9.39, 2.1.9.41, 2.1.9.42, 2.1.9.43, 2.1.9.44, 2.1.9.45, 2.1.9.46, 2.1.9.47, 2.1.9.48, 2.1.9.49, 2.1.9.51, 2.1.9.52, 2.1.9.53, 2.1.9.54, 2.1.9.55, 2.1.9.56, 2.1.9.57, 2.1.9.58, 2.1.9.59, 2.1.9.61, 2.1.9.62, 2.1.9.63, 2.1.9.64, 2.1.9.65, 2.1.9.66, 2.1.9.67, 2.1.9.68, 2.1.9.69, 2.1.9.71, 2.1.9.72, 2.1.9.73, 2.1.9.74, 2.1.9.75, 2.1.9.76, 2.1.9.77, 2.1.9.78, 2.1.9.79, 2.1.9.81, 2.1.9.82, 2.1.9.83, 2.1.9.84, 2.1.9.85, 2.1.9.86, 2.1.9.87, 2.1.9.88, 2.1.9.89, 2.1.9.91, 2.1.9.92, 2.1.9.93, 2.1.9.94, 2.1.9.95, 3, 3.0.1, 5.0, 6.0, 7.0, 7.1, 7.2, 8.0, 8.1, 8.2, 8.3, 8.3.1, 8.3.2, 8.3.3, 8.3.4, 8.3.5, 8.4, 8.4.1, 8.4.2, 8.4.3, 8.4.4, 9, 9.0, 9.0.1, 9.0.2, 9.0.3, 9.02

Link to Product Website: https://www.advantech.com/

Software Type: SCADA Software

PublishedBaseTempVulnerability0dayTodayExpRemCTICVE
11/18/20215.35.2Advantech WebAccess HMI Designer Session Token cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.01CVE-2021-42703
11/17/20218.18.0Advantech WebAccess/HMI Designer use after free$0-$5k$0-$5kNot DefinedOfficial Fix0.01CVE-2021-42706
10/27/20215.35.2Advantech WebAccess/NMS improper authentication$0-$5k$0-$5kNot DefinedOfficial Fix0.01CVE-2021-32951
10/18/20219.89.6Advantech WebAccess stack-based overflow$0-$5k$0-$5kNot DefinedNot Defined0.01CVE-2021-38389
10/18/20219.89.6Advantech WebAccess heap-based overflow$0-$5k$0-$5kNot DefinedNot Defined0.02CVE-2021-33023
10/15/20214.34.2Advantech WebAccess SCADA API authorization$0-$5k$0-$5kNot DefinedNot Defined0.01CVE-2021-38431
09/09/20216.36.1Advantech WebAccess stack-based overflow$0-$5k$0-$5kNot DefinedNot Defined0.05CVE-2021-38408
08/10/20213.53.4Advantech WebAccess/SCADA UserExcelOut.asp cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-22676
08/10/20215.55.3Advantech WebAccess/SCADA path traversal$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2021-22674
08/10/20216.36.0Advantech WebAccess/SCADA stack-based overflow$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2021-32943
06/25/20216.36.3Advantech WebAccess HMI Designer memory corruption$0-$5k$0-$5kNot DefinedNot Defined0.02CVE-2021-33004
06/25/20216.36.3Advantech WebAccess HMI Designer Project File out-of-bounds write$0-$5k$0-$5kNot DefinedNot Defined0.01CVE-2021-33002
06/25/20216.36.3Advantech WebAccess HMI Designer Project File heap-based overflow$0-$5k$0-$5kNot DefinedNot Defined0.01CVE-2021-33000
06/20/20215.55.3Advantech WebAccess/SCADA URL redirect$0-$5k$0-$5kNot DefinedNot Defined0.01CVE-2021-32956
06/20/20214.34.3Advantech WebAccess/SCADA File System path traversal$0-$5k$0-$5kNot DefinedNot Defined0.01CVE-2021-32954
06/12/20213.53.5Advantech WebAccess bwRoot.asp WADashboard cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2021-34540
04/27/20215.55.5Advantech WebAccess/SCADA Portal permission assignment$0-$5k$0-$5kNot DefinedNot Defined0.01CVE-2021-22669
03/19/20214.84.8Advantech WebAccess/SCADA cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.01CVE-2021-27436
03/04/20217.87.8Advantech WebAccess/SCADA access control$0-$5k$0-$5kNot DefinedNot Defined0.01CVE-2020-13554
02/23/20217.57.2Advantech WebAccess/SCADA WADashboard external reference$0-$5kCalculatingNot DefinedOfficial Fix0.02CVE-2020-25161
02/18/20218.88.8Advantech WebAccess/SCADA COM Server access control$0-$5k$0-$5kNot DefinedNot Defined0.01CVE-2020-13555
02/18/20218.88.8Advantech WebAccess/SCADA Loaded Module access control$0-$5k$0-$5kNot DefinedNot Defined0.01CVE-2020-13553
02/18/20218.88.8Advantech WebAccess/SCADA Services access control$0-$5k$0-$5kNot DefinedNot Defined0.01CVE-2020-13552
02/18/20218.88.8Advantech WebAccess/SCADA access control$0-$5k$0-$5kNot DefinedNot Defined0.01CVE-2020-13551
02/18/20215.65.6Advantech WebAccess/SCADA HTTP Request information disclosure$0-$5k$0-$5kNot DefinedNot Defined0.02CVE-2020-13550

168 more entries are not shown

more entries by Advantech

Do you want to use VulDB in your project?

Use the official API to access entries easily!