CVE-2020-14503

Published: Jul 15, 2020Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Advantech iView, versions 5.6 and prior, has an improper input validation vulnerability. Successful exploitation of this vulnerability could allow an attacker to remotely execute arbitrary code.

Affected (1)

Products: Advantech: Iview

Advantech

1 product

Iview

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Advantech Iview	Up to 5.6

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

https://us-cert.cisa.gov/ics/advisories/icsa-20-196-01

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

https://www.zerodayinitiative.com/advisories/ZDI-20-834/

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryVDB Entry

https://us-cert.cisa.gov/ics/advisories/icsa-20-196-01

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

https://www.zerodayinitiative.com/advisories/ZDI-20-834/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.