Advantech.WebAccess.SCADA.Bw.Security.Policy.Bypass
Description
This indicates an attack attempt to exploit a Security Policy Bypass Vulnerability in Advantech WebAccess.
A remote, unauthenticated attacker could exploit this vulnerability by sending a maliciously crafted RPC request to the target server. Successful exploitation allows the attacker to execute particular system calls with user-supplied arguments on the target server.
Affected Products
Advantech WebAccess prior to 8.4.2
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://support.advantech.com/support/DownloadSRDetail_New.aspx?SR_ID=1-MS9MJV&Doc_Source=Download
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-12-13 | 15.744 | Sig Added |
2019-12-05 | 15.739 | Name:Advantech. WebAccess. SCADA. Bwgetval. Arbitrary. File. Deletion:Advantech. WebAccess. SCADA. Bw. Security. Policy. Bypass |
2019-11-29 | 15.736 | Default_action:pass:drop |
2019-10-10 | 14.703 | Sig Added |
2019-10-04 | 14.700 |