Vulnerabilities > Advantech

DATE CVE VULNERABILITY TITLE RISK
2021-03-17 CVE-2019-18235 Unspecified vulnerability in Advantech Spectre RT Ert351 Firmware 5.1.3
Advantech Spectre RT ERT351 Versions 5.1.3 and prior has insufficient login authentication parameters required for the web application may allow an attacker to gain full access using a brute-force password attack.
network
low complexity
advantech
critical
9.8
2021-03-17 CVE-2019-18233 Unspecified vulnerability in Advantech Spectre RT Ert351 Firmware 5.1.3
In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing attackers to use a reflected XSS attack.
network
low complexity
advantech
6.1
2021-03-17 CVE-2019-18231 Unspecified vulnerability in Advantech Spectre RT Ert351 Firmware 5.1.3
Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request.
network
low complexity
advantech
7.5
2021-03-03 CVE-2020-13554 Incorrect Default Permissions vulnerability in Advantech Webaccess/Scada 9.0.1
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation.
local
low complexity
advantech CWE-276
7.8
2021-02-24 CVE-2021-22667 Unspecified vulnerability in Advantech Bb-Eswgp506-2Sfp-T Firmware
BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable due to the use of hard-coded credentials, which may allow an attacker to gain unauthorized access and permit the execution of arbitrary code on the BB-ESWGP506-2SFP-T (versions 1.01.01 and prior).
network
low complexity
advantech
critical
9.8
2021-02-23 CVE-2020-25161 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Advantech Webaccess/Scada
The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator.
network
low complexity
advantech CWE-610
8.8
2021-02-17 CVE-2020-13555 Incorrect Default Permissions vulnerability in Advantech Webaccess/Scada 9.0.1
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation.
local
low complexity
advantech CWE-276
8.8
2021-02-17 CVE-2020-13553 Incorrect Default Permissions vulnerability in Advantech Webaccess/Scada 9.0.1
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation.
local
low complexity
advantech CWE-276
8.8
2021-02-17 CVE-2020-13552 Incorrect Default Permissions vulnerability in Advantech Webaccess/Scada 9.0.1
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation.
local
low complexity
advantech CWE-276
8.8
2021-02-17 CVE-2020-13551 Incorrect Default Permissions vulnerability in Advantech Webaccess/Scada 9.0.1
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation.
local
low complexity
advantech CWE-276
8.8