Vulnerabilities > Advantech

DATE CVE VULNERABILITY TITLE RISK
2022-02-04 CVE-2022-22987 Use of Hard-coded Credentials vulnerability in Advantech Adam-3600 Firmware 2.6.2
The affected product has a hardcoded private key available inside the project folder, which may allow an attacker to achieve Web Server login and perform further actions.
network
low complexity
advantech CWE-798
7.5
7.5
2022-01-28 CVE-2021-40388 Incorrect Default Permissions vulnerability in Advantech SQ Manager 1.0.6
A privilege escalation vulnerability exists in Advantech SQ Manager Server 1.0.6.
local
low complexity
advantech CWE-276
7.2
7.2
2022-01-28 CVE-2021-40389 Incorrect Default Permissions vulnerability in Advantech Deviceon/Iedge 1.0.2
A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge Server 1.0.2.
local
low complexity
advantech CWE-276
7.2
7.2
2022-01-28 CVE-2021-40396 Incorrect Default Permissions vulnerability in Advantech Deviceon/Iservice 1.1.7
A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iService 1.1.7.
local
low complexity
advantech CWE-276
7.2
7.2
2022-01-28 CVE-2021-40397 Incorrect Default Permissions vulnerability in Advantech Wise-Paas/Ota 3.0.9
A privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server 3.0.9.
network
advantech CWE-276
critical
 9.3
9.3
2021-12-22 CVE-2021-21910 Incorrect Default Permissions vulnerability in Advantech R-Seenet 2.4.15
A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021).
local
low complexity
advantech CWE-276
7.2
7.2
2021-12-22 CVE-2021-21911 Improper Privilege Management vulnerability in Advantech R-Seenet 2.4.15
A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021).
local
low complexity
advantech CWE-269
7.2
7.2
2021-12-22 CVE-2021-21912 Improper Privilege Management vulnerability in Advantech R-Seenet 2.4.15
A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021).
local
low complexity
advantech CWE-269
7.2
7.2
2021-12-22 CVE-2021-21915 SQL Injection vulnerability in Advantech R-Seenet 2.4.15
An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021).
network
low complexity
advantech CWE-89
6.5
6.5
2021-12-22 CVE-2021-21916 SQL Injection vulnerability in Advantech R-Seenet 2.4.15
An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021).
network
low complexity
advantech CWE-89
6.5
6.5