Advantech WebAccess webvrpcs.exe Path Traversal RCE
Critical Nessus Plugin ID 117360
Synopsis
The remote host is running a SCADA application that is affected by a path traversal vulnerability.
Description
The Advantech WebAccess/SCADA Network Service (webvrpcs.exe) running on the remote host is affected by a path traversal vulnerability due to the failure to properly validate user-supplied input when processing a DCERPC request. An unauthenticated, remote attacker can exploit this, via a series of crafted requests, to execute arbitrary code.
Note that this vulnerability is supposedly fixed in WebAccess/SCADA version 8.3, but it appears that versions 8.3.1 and 8.3.2 are still vulnerable.
Solution
WebAccess/SCADA version 8.3.3 or later appears to fix the issue.
Contact vendor for confirmation.