Vulnerabilities > Advantech > Webaccess Scada > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-06 | CVE-2023-22450 | Unrestricted Upload of File with Dangerous Type vulnerability in Advantech Webaccess/Scada In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to upload an ASP script file to a webserver when logged in as manager user, which can lead to arbitrary code execution. | 7.2 |
| 2021-04-26 | CVE-2021-22669 | Incorrect Permission Assignment for Critical Resource vulnerability in Advantech Webaccess/Scada Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an administrator’s password and login as an administrator to escalate privileges on the system. | 8.8 |
| 2021-03-03 | CVE-2020-13554 | Incorrect Default Permissions vulnerability in Advantech Webaccess/Scada 9.0.1 An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. | 7.8 |
| 2021-02-23 | CVE-2020-25161 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Advantech Webaccess/Scada The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator. | 8.8 |
| 2021-02-17 | CVE-2020-13555 | Incorrect Default Permissions vulnerability in Advantech Webaccess/Scada 9.0.1 An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. | 8.8 |
| 2021-02-17 | CVE-2020-13553 | Incorrect Default Permissions vulnerability in Advantech Webaccess/Scada 9.0.1 An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. | 8.8 |
| 2021-02-17 | CVE-2020-13552 | Incorrect Default Permissions vulnerability in Advantech Webaccess/Scada 9.0.1 An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. | 8.8 |
| 2021-02-17 | CVE-2020-13551 | Incorrect Default Permissions vulnerability in Advantech Webaccess/Scada 9.0.1 An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. | 8.8 |
| 2021-02-17 | CVE-2020-13550 | Path Traversal vulnerability in Advantech Webaccess/Scada 9.0.1 A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. | 7.7 |
| 2019-02-05 | CVE-2019-6521 | Improper Authentication vulnerability in Advantech Webaccess/Scada 8.3 WebAccess/SCADA, Version 8.3. | 8.6 |