WebAccess is a browser-based software package for human-machine interfaces (HMI) and SCADA systems developed by Advantech.
The vulnerabilities affect WebAccess/SCADA Versions 8.3.5 and prior.
The software is widely adopted in many sectors worldwide, such as critical manufacturing, energy, and water and wastewater.
The vulnerabilities were reported to NCCIC by researchers Mat Powell and Natnael Samson (@NattiSamson) through Trend Micro’s Zero Day Initiative (ZDI).
The WebAccess is affected by three types of vulnerabilities, including two critical remote code execution flaws and one “high severity” denial-of-service (DoS) issue.
Below the flaws reported by the US ICS-CERT:
The vulnerabilities were reported to the vendor in January that addressed them with the release of version 8.4.0 of WebAccess.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – Advantech, WebAccess)
[adrotate banner=”5″]
[adrotate banner=”13″]
The Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned four Iranian nationals for their…
A cyber attack on Leicester City Council resulted in certain street lights remaining illuminated all…
The National Police Agency in South Korea warns that North Korea-linked threat actors are targeting…
The U.S. Department of State imposed visa restrictions on 13 individuals allegedly linked to the…
A cyber attack has been disrupting operations at Synlab Italia, a leading provider of medical…
Russia-linked APT28 group used a previously unknown tool, dubbed GooseEgg, to exploit Windows Print Spooler…
This website uses cookies.