Vulnerabilities > Advantech > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-26 | CVE-2019-16899 | Unspecified vulnerability in Advantech Webaccess/Hmi Designer 2.1.9.31 In Advantech WebAccess/HMI Designer 2.1.9.31, Data from a Faulting Address controls Code Flow starting at PM_V3!CTagInfoThreadBase::GetNICInfo+0x0000000000512918. | 7.5 |
| 2019-09-18 | CVE-2019-13556 | Out-of-bounds Write vulnerability in Advantech Webaccess In WebAccess versions 8.4.1 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. | 8.8 |
| 2019-09-18 | CVE-2019-13552 | Command Injection vulnerability in Advantech Webaccess In WebAccess versions 8.4.1 and prior, multiple command injection vulnerabilities are caused by a lack of proper validation of user-supplied data and may allow arbitrary file deletion and remote code execution. | 8.8 |
| 2019-08-02 | CVE-2019-10961 | Out-of-bounds Write vulnerability in Advantech Webaccess HMI Designer 2.1.7.32 In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution. | 8.8 |
| 2019-06-28 | CVE-2019-10987 | Out-of-bounds Write vulnerability in Advantech Webaccess In WebAccess/SCADA Versions 8.3.5 and prior, multiple out-of-bounds write vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. | 8.8 |
| 2019-06-28 | CVE-2019-10983 | Out-of-bounds Read vulnerability in Advantech Webaccess In WebAccess/SCADA Versions 8.3.5 and prior, an out-of-bounds read vulnerability is caused by a lack of proper validation of user-supplied data. | 7.5 |
| 2019-04-09 | CVE-2019-3941 | Missing Authentication for Critical Function vulnerability in Advantech Webaccess 8.3.4 Advantech WebAccess 8.3.4 allows unauthenticated, remote attackers to delete arbitrary files via IOCTL 10005 RPC. | 7.5 |
| 2019-04-05 | CVE-2019-6554 | Unspecified vulnerability in Advantech Webaccess Advantech WebAccess/SCADA, Versions 8.3.5 and prior. | 7.5 |
| 2019-02-05 | CVE-2019-6521 | Improper Authentication vulnerability in Advantech Webaccess/Scada 8.3 WebAccess/SCADA, Version 8.3. | 8.6 |
| 2018-12-19 | CVE-2018-18999 | Out-of-bounds Write vulnerability in Advantech Webaccess/Scada 8.3.2 WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows 2008 R2 SP1. | 7.3 |