Permissions Flaw in WebAccess Node by Advantech
CVE-2020-16202

7.8HIGH

Key Information:

Vendor: Advantech
Status: Webaccess Node
Vendor: CVE Published:; 22 September 2020

Summary

A permissive misconfiguration in WebAccess Node, prior to version 9.0.1, exposes specific resources to unauthorized access. This flaw could enable an attacker to execute arbitrary code with system privileges, potentially compromising system integrity and security.

Affected Version(s)

WebAccess Node All versions prior to 9.0.1

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-261-01

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 22, 2020
Vulnerability Reserved
Jul 31, 2020