CVE-2021-22652

9.8CRITICAL

Key Information

Vendor: Advantech
Status: Advantech Iview
Vendor: CVE Published:; 11 February 2021

Summary

Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution.

Affected Version(s)

Advantech iView = iView versions prior to v5.7.03.6112

EPSS Score

9% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Feb 11, 2021
Vulnerability Reserved.
Jan 5, 2021

Collectors

NVD DatabaseMitre Database