ICSA-19-260-01 · Published 2019-09-17 · View on CISA ICS-CERT ↗

Advantech WebAccess

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, access files and perform actions at a privileged level, or delete files on the system.

CVEs (4)

CVE-2019-13558 CVE-2019-13552 CVE-2019-13556 CVE-2019-13550

Remediations

Advantech has released Version 8.4.2 of WebAccessNode to address the reported vulnerabilities. Users can download the latest version of WebAccessNode at the following location:https://support.advantech.com/support/DownloadSRDetail_New.aspx?SR_ID=1-MS9MJV&Doc_Source=Download

Affected Vendors

Advantech

Affected Products (1)

Advantech · WebAccess <= 8.4.1

Affected Sectors

Critical Manufacturing, Energy, Water and Wastewater Systems

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more