CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2611 – Advantech R-SeeNet Use of Hard-coded Credentials
https://notcve.org/view.php?id=CVE-2023-2611
Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list. This hidden user has a password that cannot be changed by users. This vulnerability allows remote attackers to bypass authentication on affected installations of Advantech R-SeeNet. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the database. The issue results from the existence of an additional user in the database that is not visible in the web application. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-173-02 • CWE-798: Use of Hard-coded Credentials •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-3256 – Advantech R-SeeNet External Control of File Name or Path
https://notcve.org/view.php?id=CVE-2023-3256
Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files. This vulnerability allows remote attackers to escalate privileges on affected installations of Advantech R-SeeNet. Authentication is required to exploit this vulnerability. The specific flaw exists within the device_status page. The issue results from the lack of proper validation of user-supplied data prior to passing it to a PHP include function. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-173-02 • CWE-73: External Control of File Name or Path CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2866 – Advantech WebAccess Insufficient Type Distinction
https://notcve.org/view.php?id=CVE-2023-2866
If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-150-01 • CWE-345: Insufficient Verification of Data Authenticity CWE-351: Insufficient Type Distinction •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22450
https://notcve.org/view.php?id=CVE-2023-22450
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to upload an ASP script file to a webserver when logged in as manager user, which can lead to arbitrary code execution. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-01 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32540
https://notcve.org/view.php?id=CVE-2023-32540
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the operating system (including system files), inject code into an XLS file, and modify the file extension, which could lead to arbitrary code execution. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-01 • CWE-94: Improper Control of Generation of Code ('Code Injection') •