← Back

Advantech

advantech

378 CVEs • 95 products

Products (95)

Click to collapse
Toggle
Webaccess
webaccess
103 CVEs
Advantech Webaccess
advantech_webaccess
44 CVEs
R Seenet
r-seenet
40 CVEs
Iview
iview
37 CVEs
Webaccess/scada
webaccess/scada
29 CVEs
Webaccess/nms
webaccess/nms
20 CVEs
Eki 6333ac 2g Firmware
eki-6333ac-2g_firmware
20 CVEs
Eki 6333ac 2gd Firmware
eki-6333ac-2gd_firmware
20 CVEs
Eki 6333ac 1gpo Firmware
eki-6333ac-1gpo_firmware
20 CVEs
Webaccess Scada
webaccess_scada
12 CVEs
Webaccess/hmi Designer
webaccess/hmi_designer
12 CVEs
Webaccess/vpn
webaccess/vpn
12 CVEs
Webaccess Dashboard
webaccess_dashboard
11 CVEs
Wise Deviceon Server
wise-deviceon_server
11 CVEs
Wise 4060lan Firmware
wise-4060lan_firmware
8 CVEs
Wise 4050lan Firmware
wise-4050lan_firmware
8 CVEs
Wise 4010lan Firmware
wise-4010lan_firmware
8 CVEs
Webaccess Hmi Designer
webaccess_hmi_designer
6 CVEs
Wise Paas/rmm
wise-paas/rmm
5 CVEs
Deviceon/iedge
deviceon/iedge
5 CVEs
Eki 1521 Firmware
eki-1521_firmware
5 CVEs
Eki 1522 Firmware
eki-1522_firmware
5 CVEs
Eki 1524 Firmware
eki-1524_firmware
5 CVEs
Advantech Studio
advantech_studio
3 CVEs
Susiaccess
susiaccess
3 CVEs
Spectre Rt Ert351 Firmware
spectre_rt_ert351_firmware
3 CVEs
Adam 5630 Firmware
adam-5630_firmware
3 CVEs
Eki 1321 Series Firmware
eki-1321_series_firmware
2 CVEs
Eki 1322 Series Firmware
eki-1322_series_firmware
2 CVEs
Adam 5550 Firmware
adam_5550-firmware
2 CVEs
Adam 6015
adam-6015
1 CVE
Adam 6017
adam-6017
1 CVE
Adam 6018
adam-6018
1 CVE
Adam 6022
adam-6022
1 CVE
Adam 6024
adam-6024
1 CVE
Adam 6050
adam-6050
1 CVE
Adam 6050w
adam-6050w
1 CVE
Adam 6051
adam-6051
1 CVE
Adam 6051w
adam-6051w
1 CVE
Adam 6052
adam-6052
1 CVE
Adam 6060
adam-6060
1 CVE
Adam 6060w
adam-6060w
1 CVE
Adam 6066
adam-6066
1 CVE
Adam 6501
adam-6501
1 CVE
Adam Opc Server
adam_opc_server
1 CVE
Modbus Rtu Opc Server
modbus_rtu_opc_server
1 CVE
Modbus Tcp Opc Server
modbus_tcp_opc_server
1 CVE
Eki 6340 Firmware
eki-6340_firmware
1 CVE
Eki 6340
eki-6340
1 CVE
Adamview
adamview
1 CVE
Eki 1200 Gateway Series Firmware
eki-1200_gateway_series_firmware
1 CVE
Eki 1361 Series Firmware
eki-1361_series_firmware
1 CVE
Eki 1362 Series Firmware
eki-1362_series_firmware
1 CVE
Eki 122x Series Firmware
eki-122x_series_firmware
1 CVE
Vesp211 Eu Firmware
vesp211-eu_firmware
1 CVE
Vesp211 232 Firmware
vesp211-232_firmware
1 CVE
Webop
webop
1 CVE
Diaganywhere
diaganywhere
1 CVE
Bb Eswgp506 2sfp T Firmware
bb-eswgp506-2sfp-t_firmware
1 CVE
Sq Manager
sq_manager
1 CVE
Deviceon/iservice
deviceon/iservice
1 CVE
Wise Paas/ota
wise-paas/ota
1 CVE
Adam 3600 Firmware
adam-3600_firmware
1 CVE
Tp 3250 Firmware
tp_3250_firmware
1 CVE
Iot Edge Linux Docker
iot_edge_linux_docker
1 CVE
Iot Edge Windows
iot_edge_windows
1 CVE
Iotsuite Growth Linux Docker
iotsuite_growth_linux_docker
1 CVE
Iotsuite Saas Composer
iotsuite_saas_composer
1 CVE
Iotsuite Starter Linux Docker
iotsuite_starter_linux_docker
1 CVE
Eki 1221
eki-1221
0 CVEs
Eki 1221d
eki-1221d
0 CVEs
Eki 1222
eki-1222
0 CVEs
Eki 1222d
eki-1222d
0 CVEs
Eki 1224
eki-1224
0 CVEs
Eki 1321
eki-1321
0 CVEs
Eki 1322
eki-1322
0 CVEs
Eki 1361
eki-1361
0 CVEs
Eki 1362
eki-1362
0 CVEs
Vesp211 Eu
vesp211-eu
0 CVEs
Vesp211 232
vesp211-232
0 CVEs
Bb Eswgp506 2sfp T
bb-eswgp506-2sfp-t
0 CVEs
Spectre Rt Ert351
spectre_rt_ert351
0 CVEs
Adam 3600
adam-3600
0 CVEs
Eki 1521
eki-1521
0 CVEs
Eki 1522
eki-1522
0 CVEs
Eki 1524
eki-1524
0 CVEs
Adam 5630
adam-5630
0 CVEs
Adam 5550
adam-5550
0 CVEs
Eki 6333ac 2g
eki-6333ac-2g
0 CVEs
Eki 6333ac 2gd
eki-6333ac-2gd
0 CVEs
Eki 6333ac 1gpo
eki-6333ac-1gpo
0 CVEs
Wise 4060lan
wise-4060lan
0 CVEs
Wise 4050lan
wise-4050lan
0 CVEs
Wise 4010lan
wise-4010lan
0 CVEs
Tp 3250
tp_3250
0 CVEs

CVEs (378)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-32954
1Advantech
1Webaccess/scada
Nov 21, 2024
Jun 18, 2021
N/A· v4
6.5 MEDIUM· v3
6.8 MEDIUM· v2
Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which may allow an attacker to remotely read arbitrary files on the file system.
CVE-2021-32932
1Advantech
1Iview
Nov 21, 2024
Jun 11, 2021
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
The affected product is vulnerable to a SQL injection, which may allow an unauthorized attacker to disclose information on the iView (versions prior to v5.7.03.6182).
CVE-2021-32930
1Advantech
1Iview
Nov 21, 2024
Jun 11, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
The affected product’s configuration is vulnerable due to missing authentication, which may allow an attacker to change configurations and execute arbitrary code on the iView (versions prior to v5.7.03.6182).
CVE-2021-34540
1Advantech
1Webaccess
Nov 21, 2024
Jun 11, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Advantech WebAccess 8.4.2 and 8.4.4 allows XSS via the username column of the bwRoot.asp page of WADashboard.
CVE-2021-27437
1Advantech
1Wise Paas/rmm
Nov 21, 2024
May 7, 2021
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
The affected product allows attackers to obtain sensitive information from the WISE-PaaS dashboard. The system contains a hard-coded administrator username and password that can be used to query Grafana APIs. Authenticat...Show more
The affected product allows attackers to obtain sensitive information from the WISE-PaaS dashboard. The system contains a hard-coded administrator username and password that can be used to query Grafana APIs. Authentication is not required for exploitation on the WISE-PaaS/RMM (versions prior to 9.0.1).Show less
CVE-2021-22669
1Advantech
1Webaccess/scada
Nov 21, 2024
Apr 26, 2021
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an administrator’s password...Show more
Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an administrator’s password and login as an administrator to escalate privileges on the system.Show less
CVE-2021-27436
1Advantech
1Webaccess/scada
Nov 21, 2024
Mar 18, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting, which may allow an attacker to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of the user’s cookie/se...Show more
WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting, which may allow an attacker to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser actions.Show less
CVE-2019-18235
1Advantech
1Spectre Rt Ert351 Firmware
Nov 21, 2024
Mar 17, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Advantech Spectre RT ERT351 Versions 5.1.3 and prior has insufficient login authentication parameters required for the web application may allow an attacker to gain full access using a brute-force password attack.
CVE-2019-18233
1Advantech
1Spectre Rt Ert351 Firmware
Nov 21, 2024
Mar 17, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing attackers to use a reflected XSS attack.
CVE-2019-18231
1Advantech
1Spectre Rt Ert351 Firmware
Nov 21, 2024
Mar 17, 2021
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request.
CVE-2020-13554
1Advantech
1Webaccess/scada
Nov 21, 2024
Mar 3, 2021
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess,...Show more
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.Show less
CVE-2021-22667
1Advantech
1Bb Eswgp506 2sfp T Firmware
Nov 21, 2024
Feb 24, 2021
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable due to the use of hard-coded credentials, which may allow an attacker to gain unauthorized access and permit the execution of arbitrary code on the BB-ESWGP506-...Show more
BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable due to the use of hard-coded credentials, which may allow an attacker to gain unauthorized access and permit the execution of arbitrary code on the BB-ESWGP506-2SFP-T (versions 1.01.01 and prior).Show less
CVE-2020-25161
1Advantech
1Webaccess/scada
Nov 21, 2024
Feb 23, 2021
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator.
CVE-2020-13555
1Advantech
1Webaccess/scada
Nov 21, 2024
Feb 17, 2021
N/A· v4
8.8 HIGH· v3
7.2 HIGH· v2
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace...Show more
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.Show less
CVE-2020-13553
1Advantech
1Webaccess/scada
Nov 21, 2024
Feb 17, 2021
N/A· v4
8.8 HIGH· v3
7.2 HIGH· v2
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess,...Show more
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.Show less
CVE-2020-13552
1Advantech
1Webaccess/scada
Nov 21, 2024
Feb 17, 2021
N/A· v4
8.8 HIGH· v3
7.2 HIGH· v2
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folde...Show more
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.Show less
CVE-2020-13551
1Advantech
1Webaccess/scada
Nov 21, 2024
Feb 17, 2021
N/A· v4
8.8 HIGH· v3
7.2 HIGH· v2
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either repl...Show more
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.Show less
CVE-2020-13550
1Advantech
1Webaccess/scada
Nov 21, 2024
Feb 17, 2021
N/A· v4
7.7 HIGH· v3
4.0 MEDIUM· v2
A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can send an authenticated...Show more
A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can send an authenticated HTTP request to trigger this vulnerability.Show less
CVE-2021-22658
1Advantech
1Iview
Nov 21, 2024
Feb 11, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an attacker to escalate privileges to 'Administrator'.
CVE-2021-22656
1Advantech
1Iview
Nov 21, 2024
Feb 11, 2021
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Advantech iView versions prior to v5.7.03.6112 are vulnerable to directory traversal, which may allow an attacker to read sensitive files.