ICSA-20-219-02 · Published 2020-08-06 · View on CISA ICS-CERT ↗

Advantech WebAccess HMI Designer

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.

CVEs (6)

CVE-2020-16207 CVE-2020-16211 CVE-2020-16213 CVE-2020-16229 CVE-2020-16215 CVE-2020-16217

Remediations

Advantech has released Version 2.1.9.81 of WebAccess HMI Designer to address the reported vulnerabilities. Users can download the latest version of WebAccess HMI Designer.

Affected Vendors

Advantech

Affected Products (1)

Advantech · WebAccess HMI Designer <= 2.1.9.31

Affected Sectors

Critical Manufacturing, Energy, Water and Wastewater Systems

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more