Advantech WebAccess < 8.1_20160519 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 9960

Synopsis

The detected version of Advantech WebAccess may be affected by multiple attack vectors.

Description

The installed version of Advantech WebAccess is prior to 8.1_20160519 and is affected by the following vulnerabilities :

- A flaw exists that is triggered as 'upAdminPg.asp' exposes sensitive information, including administrative passwords. This may allow an authenticated remote attacker to disclose sensitive information.
- A flaw exists that is triggered as multiple unspecified ActiveX controls, which are intended for restricted use, are instead marked as safe-for-scripting. This may potentially allow a context-dependent attacker to leverage them to conduct attacks.
- An overflow condition in exists 'cellvision.ocx' that is triggered as user-supplied input is not properly validated when handling DLL files. This may allow a context-dependent attacker to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.
- A flaw exists in the project user web page that may expose password information to remote attackers. No further details have been provided by the vendor.
- An overflow condition exists in the 'cellvision.ocx' control. The issue is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to cause a buffer overflow, potentially allowing the execution of arbitrary code.

Solution

Upgrade to Advantech WebAccess version 8.1_20160519 or later.

See Also

https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01

http://www.securityweek.com/advantech-failed-patch-serious-flaws-scada-product

Plugin Details

Severity: High

ID: 9960

Family: SCADA

Published: 2/14/2017

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.5

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:advantech:advantech_webaccess

Patch Publication Date: 5/19/2016

Vulnerability Publication Date: 5/19/2016

Reference Information

CVE: CVE-2016-4525, CVE-2016-4528