Vulnerabilities > Advantech

DATE CVE VULNERABILITY TITLE RISK
2021-02-17 CVE-2020-13550 Path Traversal vulnerability in Advantech Webaccess/Scada 9.0.1
A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1.
network
low complexity
advantech CWE-22
7.7
2021-02-11 CVE-2021-22658 SQL Injection vulnerability in Advantech Iview 5.6/5.7/5.7.02
Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an attacker to escalate privileges to 'Administrator'.
network
low complexity
advantech CWE-89
critical
9.8
2021-02-11 CVE-2021-22656 Path Traversal vulnerability in Advantech Iview 5.6/5.7/5.7.02
Advantech iView versions prior to v5.7.03.6112 are vulnerable to directory traversal, which may allow an attacker to read sensitive files.
network
low complexity
advantech CWE-22
7.5
2021-02-11 CVE-2021-22654 SQL Injection vulnerability in Advantech Iview 5.6/5.7/5.7.02
Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an unauthorized attacker to disclose information.
network
low complexity
advantech CWE-89
7.5
2021-02-11 CVE-2021-22652 Missing Authentication for Critical Function vulnerability in Advantech Iview 5.6/5.7/5.7.02
Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution.
network
low complexity
advantech CWE-306
critical
9.8
2020-10-20 CVE-2020-25157 SQL Injection vulnerability in Advantech R-Seenet
The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL injection, which allows a remote attacker to invoke queries on the database and retrieve sensitive information.
network
low complexity
advantech CWE-89
7.5
2020-09-22 CVE-2020-16202 Incorrect Permission Assignment for Critical Resource vulnerability in Advantech Webaccess
WebAccess Node (All versions prior to 9.0.1) has incorrect permissions set for resources used by specific services, which may allow code execution with system privileges.
local
low complexity
advantech CWE-732
7.8
2020-08-25 CVE-2020-16245 Path Traversal vulnerability in Advantech Iview 5.6/5.7
Advantech iView, Versions 5.7 and prior.
network
low complexity
advantech CWE-22
critical
9.8
2020-08-06 CVE-2020-16229 Type Confusion vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior.
local
low complexity
advantech CWE-843
7.8
2020-08-06 CVE-2020-16217 Double Free vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior.
local
low complexity
advantech CWE-415
7.8