CVE-2021-38431 – Advantech WebAccess SCADA
https://notcve.org/view.php?id=CVE-2021-38431
An authenticated user using Advantech WebAccess SCADA in versions 9.0.3 and prior can use API functions to disclose project names and paths from other users. Un usuario autenticado usando Advantech WebAccess SCADA en versiones 9.0.3 y anteriores, puede usar funciones de la API para revelar nombres de proyectos y rutas de otros usuarios • https://us-cert.cisa.gov/ics/advisories/icsa-21-285-01 • CWE-862: Missing Authorization •
CVE-2021-38408 – Advantech WebAccess BwFLApp Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-38408
A stack-based buffer overflow vulnerability in Advantech WebAccess Versions 9.02 and prior caused by a lack of proper validation of the length of user-supplied data may allow remote code execution. Una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en Advantech WebAccess versiones 9.02 y anteriores, causada por una falta de comprobación apropiada de la longitud de los datos suministrados por el usuario puede permitir una ejecución de código remota This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IOCTL 0x2711, which can be used to invoke BwFLApp.exe. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator. • https://us-cert.cisa.gov/ics/advisories/icsa-21-245-03 • CWE-121: Stack-based Buffer Overflow •
CVE-2021-32943
https://notcve.org/view.php?id=CVE-2021-32943
The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1). El producto afectado es vulnerable a un desbordamiento del búfer en la región stack de la memoria, que puede permitir a un atacante ejecutar remotamente código arbitrario en el WebAccess/SCADA (WebAccess/SCADA versiones anteriores a 8.4.5, WebAccess/SCADA versiones anteriores a 9.0.1) • https://us-cert.cisa.gov/ics/advisories/icsa-21-217-04 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2021-22676
https://notcve.org/view.php?id=CVE-2021-22676
UserExcelOut.asp within WebAccess/SCADA is vulnerable to cross-site scripting (XSS), which could allow an attacker to send malicious JavaScript code. This could result in hijacking of cookie/session tokens, redirection to a malicious webpage, and unintended browser action on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1). El archivo UserExcelOut.asp dentro de WebAccess/SCADA es vulnerable a un ataque de tipo cross-site scripting (XSS), que podría permitir a un atacante enviar código JavaScript malicioso. Esto podría resultar en el secuestro de los tokens de cookies/sesión, la redirección a una página web maliciosa, y la acción involuntaria del navegador en el WebAccess/SCADA (WebAccess/SCADA versiones anteriores a 8.4.5, WebAccess/SCADA versiones anteriores a 9.0.1) • https://us-cert.cisa.gov/ics/advisories/icsa-21-217-04 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-22674
https://notcve.org/view.php?id=CVE-2021-22674
The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1). El producto afectado es vulnerable a una condición de salto de ruta relativa, que puede permitir a un atacante acceder a archivos y directorios no autorizados en el WebAccess/SCADA (WebAccess/SCADA versiones anteriores a 8.4.5, WebAccess/SCADA versiones anteriores a 9.0.1) • https://us-cert.cisa.gov/ics/advisories/icsa-21-217-04 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •