Vulnerabilities > Advantech > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-26 | CVE-2021-22669 | Unspecified vulnerability in Advantech Webaccess/Scada Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an administrator’s password and login as an administrator to escalate privileges on the system. | 8.8 |
| 2021-03-17 | CVE-2019-18231 | Unspecified vulnerability in Advantech Spectre RT Ert351 Firmware 5.1.3 Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request. | 7.5 |
| 2021-03-03 | CVE-2020-13554 | Incorrect Default Permissions vulnerability in Advantech Webaccess/Scada 9.0.1 An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. | 7.8 |
| 2021-02-23 | CVE-2020-25161 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Advantech Webaccess/Scada The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator. | 8.8 |
| 2021-02-17 | CVE-2020-13555 | Incorrect Default Permissions vulnerability in Advantech Webaccess/Scada 9.0.1 An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. | 8.8 |
| 2021-02-17 | CVE-2020-13553 | Incorrect Default Permissions vulnerability in Advantech Webaccess/Scada 9.0.1 An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. | 8.8 |
| 2021-02-17 | CVE-2020-13552 | Incorrect Default Permissions vulnerability in Advantech Webaccess/Scada 9.0.1 An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. | 8.8 |
| 2021-02-17 | CVE-2020-13551 | Incorrect Default Permissions vulnerability in Advantech Webaccess/Scada 9.0.1 An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. | 8.8 |
| 2021-02-17 | CVE-2020-13550 | Path Traversal vulnerability in Advantech Webaccess/Scada 9.0.1 A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. | 7.7 |
| 2021-02-11 | CVE-2021-22656 | Path Traversal vulnerability in Advantech Iview 5.6/5.7/5.7.02 Advantech iView versions prior to v5.7.03.6112 are vulnerable to directory traversal, which may allow an attacker to read sensitive files. | 7.5 |