Advantech WebAccess < 8.1_20160519 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 9960

Synopsis

The detected version of Advantech WebAccess may be affected by multiple attack vectors.

Description

The installed version of Advantech WebAccess is prior to 8.1_20160519 and is affected by the following vulnerabilities :

- A flaw exists that is triggered as 'upAdminPg.asp' exposes sensitive information, including administrative passwords. This may allow an authenticated remote attacker to disclose sensitive information. (OSVDB 142284)
- A flaw exists that is triggered as multiple unspecified ActiveX controls, which are intended for restricted use, are instead marked as safe-for-scripting. This may potentially allow a context-dependent attacker to leverage them to conduct attacks. (OSVDB 140285)
- An overflow condition in exists 'cellvision.ocx' that is triggered as user-supplied input is not properly validated when handling DLL files. This may allow a context-dependent attacker to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code. (OSVDB 140286)
- A flaw exists in the project user web page that may expose password information to remote attackers. No further details have been provided by the vendor. (OSVDB 142561)
- An overflow condition exists in the 'cellvision.ocx' control. The issue is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to cause a buffer overflow, potentially allowing the execution of arbitrary code. (OSVDB 142562)

Solution

Upgrade to Advantech WebAccess version 8.1_20160519 or later.

See Also

https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01

http://www.securityweek.com/advantech-failed-patch-serious-flaws-scada-product

Plugin Details

Severity: High

ID: 9960

File Name: 9960.prm

Family: SCADA

Published: 2017/02/14

Modified: 2017/02/14

Dependencies: 9860

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 8.1

Temporal Score: 7.5

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:advantech:advantech_webaccess

Patch Publication Date: 2016/05/19

Vulnerability Publication Date: 2016/05/19

Reference Information

CVE: CVE-2016-4525, CVE-2016-4528

OSVDB: 142284, 140285, 140286, 142561, 142562