Scada 8.3.2

CVSS 7.3 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

LOW

network

low complexity

advantech

CWE-787

NVD

Published: 2018-12-19

Updated: 2020-09-18

Summary

WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows 2008 R2 SP1. Lack of proper validation of user supplied input may allow an attacker to cause the overflow of a buffer on the stack.

Vulnerable Configurations

Part	Description	Count
Application	Advantech Advantech Webaccess/Scada 8.3.2	1
OS	Microsoft Microsoft Windows Server 2008 R2	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://ics-cert.us-cert.gov/advisories/ICSA-18-352-02
https://www.tenable.com/security/research/tra-2018-45
http://www.securityfocus.com/bid/106245