← Back to home
ICSA-19-346-01  ·  Published 2019-12-12  ·  View on CISA ICS-CERT ↗

Advantech DiagAnywhere Server

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of this vulnerability may allow remote code execution.

CVEs (1)

Remediations

  • Advantech has phased out DiagAnywhere Server Version 3.07.11 and removed it from its website. Advantech has released Version 3.07.14 of DiagAnywhere Server to address the reported vulnerability. Users can download the latest version of DiagAnywhere Server by accessing the Advantech Support Portal at DiagAnywhere Server update.

Affected Vendors

Advantech

Affected Products (1)

Advantech · DiagAnywhere Server <= 3.07.11

Affected Sectors

Critical Manufacturing, Energy, Water and Wastewater Systems

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more