Advantech WebAccess remain vulnerable (8.3.1 & 8.3.2) – Oct 2018

Advantech WebAccess remain vulnerable (8.3.1 & 8.3.2)

When vulnerability allows an attacker to execute “arbitrary code”, it typically means that the hacker can run any command. Although critical facilities especially Petroleum, electricity, Gas and water SCADA infrastructure are prohibited setup internet access function. However to cope with modernization. It is hard to avoid to do the network integration. Advantech is a leading brand in IoT intelligent systems, Industry 4.0, machine automation, embedding computing & embedded systems. We found that both two different version of web access function has vulnerabilities occurs. See whether this information is related to your expertise area. For more details, please see below:

Advantech ICSA-18-296-01 WebAccess Multiple Security Vulnerabilities

https://www.securityfocus.com/bid/105728

  • CVE-2018-15703: Multiple Reflected Cross-Site Scripting
  • CVE-2018-15704: Authenticated Stack Buffer Overflow

https://www.tenable.com/security/research/tra-2018-33

One thought on “Advantech WebAccess remain vulnerable (8.3.1 & 8.3.2) – Oct 2018”

  1. It’s an awesome article in favor of all the internet users; they will take benefit from it I am sure.|

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.