This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.
The remote host is running a service affected by remote code execution
and information disclosure vulnerabilities.
The Advantech / BroadWin WebAccess software installed on the remote
Windows host includes an RPC service (webvrpcs.exe) that listens
remotely on TCP port 4592 and reportedly is affected by two
- It suffers from a remote code execution vulnerability.
- It leaks the security code that protects the SCADA node.
Note that these vulnerabilities can reportedly be exploited by an
unauthenticated, remote attacker.
See also :
Advantech has released WebAccess 7.1 2013.05.30 to mitigate this
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 10.0
Public Exploit Available : true