ICSA-12-047-01A · Published 2025-06-17 · View on CISA ICS-CERT ↗

Advantech WebAccess Vulnerabilities

CVSS 10.0 CRITICAL

CVEs (18)

CVE-2012-0233 CVE-2012-0234 CVE-2012-0235 CVE-2012-0236 CVE-2012-0237 CVE-2012-0238 CVE-2012-0239 CVE-2012-0240 CVE-2011-4526 CVE-2011-4524 CVE-2011-4525 CVE-2011-4521 CVE-2011-4522 CVE-2011-4523 CVE-2012-0241 CVE-2012-0242 CVE-2012-0243 CVE-2012-0244

Remediations

Advantech has created a new version of WebAccess (7.0) that addresses these vulnerabilities.Advantech WebAccess security update, (http://webaccess.advantech.com/security.php).
This new version can be obtained at: (http://webaccess.advantech.com/downloads.php). Advantech recommends that the new version be installed over the existing installation. If the existing version of WebAccess is uninstalled, the computer must be rebooted before reinstalling WebAccess.
Advantech recommends that customers using the WebAccess product refer to security considerations recommended by their installation manual.WebAccess Quick Installation Guide, BroadWin, (http://broadwin.com/Manual/InstallGuide/InstallGuide.htm).
For further assistance, customers should contact BroadWin support at (mailto:[email protected]).WebAccess customer notification, (http://www.advantechdirect.com/eMarketingPrograms/WebAccess_Patch/WebAccess_Vulnerability.htm).

Affected Vendors

Advantech/BroadWin

Affected Products (1)

Advantech/BroadWin · WebAccess <patch_V7.0

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more