ICSA-18-296-01 · Published 2018-10-23 · View on CISA ICS-CERT ↗

Advantech WebAccess

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, access files and perform actions at a privileged level, or delete files on the system.

CVEs (4)

CVE-2018-14816 CVE-2018-14820 CVE-2018-14828 CVE-2018-14806

Remediations

Advantech has released Version 8.3.3 of WebAccess to address the reported vulnerabilities. Users can download the latest version of WebAccess at the following location:

Affected Vendors

Advantech

Affected Products (1)

Advantech · WebAccess <= 8.3.1

Affected Sectors

Critical Manufacturing, Energy, Water and Wastewater Systems

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more