CVE-2020-14507 – Advantech iView LinksTable exportLinks Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-14507
Advantech iView, versions 5.6 and prior, is vulnerable to multiple path traversal vulnerabilities that could allow an attacker to create/download arbitrary files, limit system availability, and remotely execute code. Advantech iView, versiones 5.6 y anteriores, es vulnerable a vulnerabilidades de múltiples caminos que podrían permitir a un atacante crear/descargar archivos arbitrarios, limitar la disponibilidad del sistema y ejecutar código de forma remota. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the exportLinks method of the LinksTable class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. • https://us-cert.cisa.gov/ics/advisories/icsa-20-196-01 https://www.zerodayinitiative.com/advisories/ZDI-20-829 https://www.zerodayinitiative.com/advisories/ZDI-20-840 https://www.zerodayinitiative.com/advisories/ZDI-20-841 https://www.zerodayinitiative.com/advisories/ZDI-20-847 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2020-12019 – Advantech WebAccess Node Incorrect Permission Assignment Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-12019
WebAccess Node Version 8.4.4 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. WebAccess Node versión 8.4.4 y anteriores, es vulnerable a un desbordamiento de búfer en la región stack de la memoria, que puede permitir a un atacante ejecutar código arbitrario remotamente This vulnerability allows local attackers to escalate privileges on affected installations of Advantech WebAccess Node. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of the PostgreSQL database. The issue results from incorrect permissions set on a resource used by the service. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. • https://www.us-cert.gov/ics/advisories/icsa-20-161-01 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2020-12006 – Advantech WebAccess/SCADA DrawSrv IOCTL 0x00002711 Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-12006
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control. Advantech WebAccess Node, versiones 8.4.4 y anteriores, versión 9.0.0. Se presentan múltiples vulnerabilidades de salto de ruta relativa que pueden permitir a un usuario con poco privilegio sobrescribir archivos fuera del control de la aplicación. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. • https://www.us-cert.gov/ics/advisories/icsa-20-128-01 https://www.zerodayinitiative.com/advisories/ZDI-20-589 https://www.zerodayinitiative.com/advisories/ZDI-20-595 https://www.zerodayinitiative.com/advisories/ZDI-20-605 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVE-2020-12018 – Advantech WebAccess/SCADA DrawSrv IOCTL 0x00002722 Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-12018
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data. Advantech WebAccess Node, versiones 8.4.4 y anteriores, versión 9.0.0. Se presenta una vulnerabilidad de lectura fuera de límites que puede permitir el acceso a datos no autorizados. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/SCADA. • https://www.us-cert.gov/ics/advisories/icsa-20-128-01 https://www.zerodayinitiative.com/advisories/ZDI-20-628 • CWE-125: Out-of-bounds Read •
CVE-2020-10638 – Advantech WebAccess/SCADA BwBacNetJ Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-10638
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. Advantech WebAccess Node, versiones 8.4.4 y anteriores, versión 9.0.0. Se presentan múltiples vulnerabilidades de desbordamiento del búfer en la región heap de la memoria causada por una falta de comprobación apropiada de la longitud de los datos suministrados por el usuario, que puede permitir una ejecución de código remota. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. • https://www.us-cert.gov/ics/advisories/icsa-20-128-01 https://www.zerodayinitiative.com/advisories/ZDI-20-593 https://www.zerodayinitiative.com/advisories/ZDI-20-599 https://www.zerodayinitiative.com/advisories/ZDI-20-600 https://www.zerodayinitiative.com/advisories/ZDI-20-603 https://www.zerodayinitiative.com/advisories/ZDI-20-616 https://www.zerodayinitiative.com/advisories/ZDI-20-621 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •