Advantech WebAccess/SCADA Multiple Security Vulnerabilities – Jan 2019

Preface: Advantech is a leading brand in IoT intelligent systems, Industry 4.0, machine automation, embedded computing, embedded systems, transportation, …

New vulnerabilities found in WebAccess/SCADA Version 8.3:
CVE-2019-6519 – An improper authentication vulnerability could allow an authentication bypass, letting an attacker upload malicious data.
CVE-2019-6521 – Specially crafted requests could allow an authentication bypass, letting an attacker obtain and manipulate sensitive information.
CVE-2019-6523 – The software does not properly sanitize its inputs for SQL commands.

Status: The vendor does not have a patch release at the moment (see the URL below).

https://support.advantech.com/support/DownloadSRDetail_New.aspx?SR_ID=1-MS9MJV&Doc_Source=Download

Recommendation: Enforce access control. Meanwhile, install a SIEM facility to enhance preventive and detective controls.